Re: CFHTTP, self-signed certificates - authentication issues.
current SSL certs are now using 2048 bit or greater encryption, which requires an update to the CA cert in browsers. Perhaps the same is tue for Java/ColdFusion ? On Wed, Sep 14, 2011 at 5:23 AM, Leigh cfsearch...@yahoo.com wrote: Also, is there a way to verbosely log the cf / java behind cfhttp to see a more detailed error message? If you do not mind tons of logging, try using the jvm argument -Djavax.net.debug=all http://kb2.adobe.com/cps/998/9987e902.html ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347456 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
CFHTTP, self-signed certificates - authentication issues.
Hi. I'm trying to make a REST webservice call to another server on the local network using CFHTTP. The server communicates over HTTPS and has a self-signed certificate, so I imported it into the Java cacerts keystore (http://kb2.adobe.com/cps/400/kb400977.html) and I can list it and see it in there. However, I'm still getting cfhttp.ErrorDetail = I/O Exception: peer not authenticated I also tested the URL with cURL from the CF server and it does the authentication handshake but response is compressed(?) PKwSxKhmuecfkOOdw6UQ75SLViTBf3ZXzQNNBU8qiByUNxlswYhTmlXc3csh... What am I missing? Thanks! .jonah ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347444 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFHTTP, self-signed certificates - authentication issues.
perhaps this will help you http://www.bpurcell.org/blog/index.cfm?entry=843mode=entry Russ I also tested the URL with cURL from the CF server and it does the authentication handshake but response is compressed(?) PKwSxKhmuecfkOOdw6UQ75SLViTBf3ZXzQNNBU8qiByUNxlswYhTmlXc3csh... What am I missing? Thanks! .jonah ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347445 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFHTTP, self-signed certificates - authentication issues.
Thanks Russ. That was one of the posts I found and used to import the certificate. I'll re-do everything but I'm pretty sure I've got the cert installed correctly. .jonah On 9/13/11 1:37 PM, Russ Michaels wrote: perhaps this will help you http://www.bpurcell.org/blog/index.cfm?entry=843mode=entry Russ I also tested the URL with cURL from the CF server and it does the authentication handshake but response is compressed(?) PKwSxKhmuecfkOOdw6UQ75SLViTBf3ZXzQNNBU8qiByUNxlswYhTmlXc3csh... What am I missing? Thanks! .jonah ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347448 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFHTTP, self-signed certificates - authentication issues.
What version of ColdFusion? I've seen issues with even a Verisign cert under 9.x that required finagling at the java level to finally resolve the issue. -- Matthew Williams Geodesic GraFX www.geodesicgrafx.com/blog twitter.com/ophbalance ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347452 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFHTTP, self-signed certificates - authentication issues.
The server is ColdFusion 9.0.1 hotfix 1 / Java 1.6.0_17 64 bit / Windows 2008 64 bit. Also, is there a way to verbosely log the cf / java behind cfhttp to see a more detailed error message? Thx, .jonah On 9/13/11 4:55 PM, Matthew Williams wrote: What version of ColdFusion? I've seen issues with even a Verisign cert under 9.x that required finagling at the java level to finally resolve the issue. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347454 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFHTTP, self-signed certificates - authentication issues.
Also, is there a way to verbosely log the cf / java behind cfhttp to see a more detailed error message? If you do not mind tons of logging, try using the jvm argument -Djavax.net.debug=all http://kb2.adobe.com/cps/998/9987e902.html ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347455 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm