Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Disabling SSL checking for Spring web-client

The following code is what I am using to try and build a web client instance that can talk to a https server with an invalid certificate.

SslContext sslContext = SslContextBuilder
        .forClient()
        .trustManager(InsecureTrustManagerFactory.INSTANCE)
        .build();
    HttpClient httpClient = HttpClient
        .create()
        .secure(sslContextSpec -> sslContextSpec.sslContext(sslContext));
    ClientHttpConnector connector = new ReactorClientHttpConnector(httpClient);
    WebClient client = WebClient
        .builder()
        .clientConnector(connector)
        // ... 
        .build();

The purpose of this is to make the web client not check the ssl however when ran the JVM crashes with an error "javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure". Could someone please point me into the right direction as previous SO posts dont seem to fix the problem and lead to the same handshake error.

like image 396
B Shannon Avatar asked Apr 17 '26 20:04

B Shannon


1 Answers

Just in case anyone gets this error with their spring webclient, the solution that ended up working for me was adding protocols and ciphers into the SSLcontext.

Iterable<String> allowedCiphers = List.of("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384");

    SslContext sslContext = SslContextBuilder
        .forClient()
        .protocols("SSLv3","TLSv1","TLSv1.1","TLSv1.2")
        .ciphers(allowedCiphers)
        .trustManager(InsecureTrustManagerFactory.INSTANCE)
        .build();
like image 142
B Shannon Avatar answered Apr 20 '26 11:04

B Shannon



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!