Building an SSLSocketFactory to enable HTTPS for custom Feign Client configuration
I'm trying to add HTTPS to my Spring Boot services. One of them is a Feign Client that is throwing this error:

```
Exception in thread "Thread-7" feign.FeignException$BadRequest: [400] during [GET] to [http://some REST API]: Bad request This combination of host and port requires TLS.
```

The configuration for the Feign client is as follows:
```java
@Bean
@ConditionalOnProperty(name = FEIGN_CLIENT_NAME_PROPERTY, matchIfMissing = false)
public Client feignClient(ApplicationContext context) {
    final LoadBalancerClientFactory loadBalancerClientFactory = new LoadBalancerClientFactory();
    loadBalancerClientFactory.setApplicationContext(context);
    final BlockingLoadBalancerClient loadBalancerClient = new BlockingLoadBalancerClient(loadBalancerClientFactory);
    final FeignBlockingLoadBalancerClient delegate = new FeignBlockingLoadBalancerClient(
            new Client.Default(getSSLSocketFactory(), null), // TODO: specify parameters if SSL is enabled
            loadBalancerClient
    );
    return new Client() {
        @Override
        public Response execute(Request request, Options options)
                throws IOException {
            return delegate.execute(request, options);
        }
    };
}
```
According to the TODO, I see the place to insert my own SSLSocketFactory, but I'm very unsure as to how. My other services are currently using a PKCS12 keystore (generated using keytool) via the server.ssl.* properties. But I need the Feign Client to be able to interact with it. So far I've just shamelessly copy-pasted the following segment to try:
```java
private SSLSocketFactory getSSLSocketFactory() {
    try {
        // Trust strategy that accepts every certificate chain:
        // the server's identity is not verified at all.
        TrustStrategy acceptingTrustStrategy = new TrustStrategy() {
            @Override
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                return true;
            }
        };
        SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
        return sslContext.getSocketFactory();
    } catch (Exception exception) {
        // Any failure is swallowed here; the method then falls through and returns null.
    }
    return null;
}
```
Could anyone give me pointers on what I should add/change to make sure my FeignClient is working with HTTPS?
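
One way to build the factory from a PKCS12 store with the JDK's own APIs, so that the server certificate is validated against that store instead of being accepted unconditionally as the trust-all strategy above does. This is an added example, not code from the original post; the class name `Pkcs12SocketFactory`, the method `fromPkcs12`, the store path argument and the `STORE_PASSWORD` environment variable are assumptions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper (added example): class, method and variable names are assumptions.
public final class Pkcs12SocketFactory {

    // Builds a factory that trusts only the certificates held in the PKCS12 store
    // and can present the store's private key if the server asks for a client cert.
    public static SSLSocketFactory fromPkcs12(Path store, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(store)) {
            keyStore.load(in, password);
        }

        // Trust anchors come from the store; any other server certificate fails the handshake.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);

        // Assumes the key password equals the store password (keytool's PKCS12 behaviour).
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, password);

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        // Usage: STORE_PASSWORD=... java Pkcs12SocketFactory.java <store.p12>
        String pw = System.getenv("STORE_PASSWORD");
        if (args.length != 1 || pw == null) {
            System.err.println("usage: STORE_PASSWORD=... java Pkcs12SocketFactory.java <store.p12>");
            System.exit(2);
        }
        SSLSocketFactory factory = fromPkcs12(Path.of(args[0]), pw.toCharArray());
        System.out.println("Default cipher suites: " + factory.getDefaultCipherSuites().length);
    }
}
```

The returned factory can be passed as the first argument of `new Client.Default(...)`. Feign's default client applies it only to `https://` URLs, and leaving the second argument `null` keeps the JDK's default hostname verification.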
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow