All right... I just tested this myself and sure enough, CF 5 handles a
TLS1.0 connection on a Windows 2000 box.  


Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com

-----Original Message-----
From: Mark Kruger [mailto:mkru...@cfwebtools.com] 
Sent: Wednesday, February 25, 2009 4:12 PM
To: cf-talk
Subject: RE: CFHTTP and SSL v3


Hmmm.... Very interesting... 

CF 5 uses an ipswitch com or something to make HTTP connections ... Or is it
something native to windows through the stack? 

-Mark 


Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com

-----Original Message-----
From: Amit Talwar [mailto:talwar.a...@gmail.com]
Sent: Wednesday, February 25, 2009 3:53 PM
To: cf-talk
Subject: Re: CFHTTP and SSL v3


> I had read it in several blog postings but nothing definitive from 
> Adobe.  I've done some more checking and it appears you are right 
> about it working for CF7.  Now if only the authorize.net test site was 
> up to date I could test my apps.
> 
> Cheers
> 
> Mike
> 
> >Michael,
> >
> >I had about concluded that 6 and 7 actually DO support 3.0. Can you
> tell me
> >what docs indicated otherwise?
> >
> >-mark
> > 
> >
> >
> >Mark A. Kruger, CFG, MCSE
> >(402) 408-3733 ext 105
> >www.cfwebtools.com
> >www.coldfusionmuse.com
> >www.necfug.com
> >
> >I got the same email from Authorize.net.  We are using CFMX7 and from
> what I
> >have read it doesn't support ssl 3.0 via cfhttp. If anyone has a
> quick
> >solution I'd appreciate it.  Likewise if I find one I'll let everyone
> know. 
> >
> >Thanks
> >Mike

I got an email a while ago from Authorize.net that they have set up the test
server with ssl 2.0 disabled and only ssl 3.0 enabled. and they provided all
the information.
To be sure i checked that using serversslsniffer and ssl 2.0 ciphers were
disabled.
and For SSL 3.0 only 128 bit and above ciphers were supported.

So now i have tested one app that i have moved from cf5 to cf8 and it
connected fine as expected. :)

Now is the strange thing : I tested another app that is in cf5 and is yet to
be ported to cf 8.0.

Strangely that app also connected fine to the new SSL 3.0 Testing server.
This is going above my head now. Docs say cfhttp in cf 5 only supports up to
56 bit.
Going by that it should not have connected. 
Both cf5 app and cf8 apps are on different servers and both have ssl 2.0
disabled anyways.
 Any ideas?? what going on here. Do i port the other cf5 app??

~Amit








~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to 
date
Get the Free Trial
http://ad.doubleclick.net/clk;207172674;29440083;f

Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:319841
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Reply via email to