At work, we have a number of 3rd party vendors that we post to with CFHTTP calls. Unless we add their certificate to the java keystore, the CFHTTP connections fail. It wasn't a big deal at first, but the more vendors we support, the more certificates I add... and the more often a certificate is expiring.
It is to the point where I'm updating one certificate or another every month or two. My question is why do I have to add these certificates to the keystore at all? They validate fine in a browser (in fact, that is where I always get the x.50- certificate from... by exporting it through the browser). This is only an issue for vendors that we have to CFHTTP post to; I do not need to import certificates to support vendors with web services. Is there a better method that wouldn't require updating the keystore everytime a certificate is renewed? .:.:.:.:.:.:.:.:.:.:.:. Bobby Hartsfield http://acoderslife.com http://cf4em.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:349869 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm