1

I am using Spring Cloud, and RestTemplate to connect to micro services using SSL.

When I do:

restTemplate.exchange("https://myservice/properties", HttpMethod.GET,null, String.class)

it is using RibbonClientHttpRequestFactory.

I got:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at
sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:421) ~[na:1.7.0_72]

g00glen00b
  • 41,995
  • 13
  • 95
  • 133
blindstack
  • 251
  • 3
  • 10
  • have to define @FeignClient("https://myservice") to work with https, and it works like a charm – blindstack Jun 08 '15 at 16:05
  • I suspect that this is just a general `RestTemplate` https problem. Did you google that exception? I found this stack overflow question http://stackoverflow.com/questions/12095758/apache-httpclient-sslpeerunverifiedexception – spencergibb Jun 08 '15 at 16:49
  • yes, it is resolved. and now I am switching over to use FeignClient. never knew that FeignClient needs to define as "https" with the service name if micro services are using SSL. – blindstack Jun 09 '15 at 13:27
  • the reason is they use different http clients underneath. The one configured with `RestTemplate` is more secure in that it doesn't accept ssl that it doesn't know about, the one that Feign uses by default is less secure by default, it ignores security errors with ssl. – spencergibb Jun 09 '15 at 16:49
  • the way to resolve is to configure ribbon client isSecure=true, and create a custom socket factory to accept the SSL cert – blindstack May 03 '16 at 18:19

0 Answers0