Okay, so I looked up how to and used the following command syntax: C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file C:\temp\certfile.cer -keystore C:\CFusion\runtime\jre\lib\security\cacerts -storepass password
which imported successfully (verified with the list command). Restarted server (in case that is required). Still get socket closed. :-( I imported *just* the certificate from the server I'm connecting to. Do I need anything else in there? Like any of the intermediate/chain or root certs as well? Should I be importing some sort of combined certificate? Or just individually import one at a time? Any help is appreciated. Thanks, Dan On 12/10/2013 2:53 PM, Russ Michaels wrote: > Have u imported the ssl into the key store? > > Russ Michaels > www.michaels.me.uk > cfmldeveloper.com > cflive.net > cfsearch.com > On 10 Dec 2013 20:52, "Dan LeGate"<d...@legeek.com> wrote: > >> I take it back... exact same code EXCEPT my code in outside the Custom >> Tag folder had excluded the PORT attribute, so I assume it was going to >> the non-SSL port and working fine. >> >> Once I added port = "636" to that code, exact same response: socket closed >> >> Again, the LDAPS (636) port is open to the ColdFusion server. >> >> I'm thinking it's an SSL issue. What steps need to be taken to ensure >> LDAPS communication works? >> >> Thanks! >> >> Dan >> >> On 12/10/2013 12:36 PM, Dan LeGate wrote: >>> Here's the weirdness I'm experiencing... >>> >>> I have a Custom Tag we've been using for years that is called from most >>> of our applications and authenticates them to a Sun LDAP server. >>> >>> We are moving to an Active Directory service, and when I attempt to do a >>> bind against the new system, I get: >>> >>> An error has occurred while trying to execute query :servername.com:636; >>> socket closed. >>> >>> However, if I run that SAME cfldap command in a .cfm file out in a >>> regular web folder (i.e. not as a Custom Tag under the ColdFusion >>> directory), it works fine! >>> >>> I have restarted the server to make sure any old Custom Tag code isn't >>> somehow cached. I have verified the SSL (636) port is open to the CF >>> server. >>> >>> Any ideas on this one? Very confused by this. >>> >>> Thanks for any feedback! >>> >>> Dan >>> >>> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357338 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm