> You will need to import the star (*) certificate into the keystore for the > java instance ColdFusion is running upon. > > Basically ColdFusion doesn't like to speak to *.domain.com certificates (I > think CF10 doesn't mind so much), as it is not an exact match to the URL it > is attempting to access.
In this case it's not a wildcard certificate, it's a standard cert using the "subject alternative names" extension which isn't supported on Java 6. Importing the certificate into the Java keystore won't help in this case because the primary name on the certificate doesn't match the hostname being called. Java will only check against the primary hostname and not the "alternative names" listed in the certificate. Calling the primary hostname on the certificate and using a hosts entry to override the DNS entry to direct it to the right IP is the only workaround in this instance. -Justin Scott ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357465 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
