I am migrating spring boot version 2.7.3 to spring-boot 3.0.0 so existing code is breaking related to HttpClients

Question

import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
 
@Configuration
@Profile("dev")
public class RestTemplateConfigurationDev {
   @Bean
   public RestTemplate getRestTemplate() {
       CloseableHttpClient httpClient = HttpClients.custom().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
 
       HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
 
       requestFactory.setHttpClient(httpClient);
       requestFactory.setConnectTimeout(30000);
       requestFactory.setReadTimeout(30000); 
       requestFactory.setConnectionRequestTimeout(30000);

       return new RestTemplate(requestFactory);
    }
} 

In above code,

requestFactory.setHttpClient(httpClient)

This method is not accepting the CloseableHttpClient object after upgrading to the latest spring boot version.

requestFactory.setReadTimeout(30000);

While this method is deprecated.

Does anybody have an idea on how to fix these issues in spring boot 3.0?

Answer 1

As mentioned in the Migration Guide, support for Apache HttpClient has been removed in Spring Framework 6.0, immediately replaced by org.apache.httpcomponents.client5:httpclient5.

Firstly, add httpclient5 as dependency as Victor mentioned as solution.

<dependency>
    <groupId>org.apache.httpcomponents.client5</groupId>
    <artifactId>httpclient5</artifactId>
    <version>5.2</version>
</dependency>

Then you can use the code below.

import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
import org.apache.hc.client5.http.ssl.TrustAllStrategy;
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;

import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;

@Configuration
@Profile("dev")
public class RestTemplateConfigurationDev {
    @Bean
    public RestTemplate getRestTemplate() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        CloseableHttpClient httpClient = HttpClients.custom()
                .setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create()
                        .setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create()
                                .setSslContext(SSLContextBuilder.create()
                                        .loadTrustMaterial(TrustAllStrategy.INSTANCE)
                                        .build())
                                .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                                .build())
                        .build())
                .build();
        HttpComponentsClientHttpRequestFactory requestFactory =
                new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(httpClient);// this method is not accepting the CloseableHttpClient object
        requestFactory.setConnectTimeout(30000);
        requestFactory.setReadTimeout(30000); //This method is deprecated in spring boot 3.0
        requestFactory.setConnectionRequestTimeout(30000);
        return new RestTemplate(requestFactory);
    }
}

I edited your code with reference this link How to ignore SSL certificate errors in Apache HttpComponents HttpClient 5.1.

Answer 2

Try importing a newer version of the HttpClient, like the Http5 Client. This dependency should solve your problem.

<dependency>
        <groupId>org.apache.httpcomponents.client5</groupId>
        <artifactId>httpclient5</artifactId>
        <version>5.2</version>
</dependency>

But please, use a proper formatting once you post a question.