Re: https connection issues using cfhttp
Is the ssl cert actually for the ip address, the error says it is for hub Regards Russ Michaels www.michaels.me.uk www.cfmldeveloper.com - Free CFML hosting for developers www.cfsearch.com - CF search engine On Jan 17, 2013 3:12 PM, Ian Chapman ian.chap...@melodimedia.co.uk wrote: Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353951 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
re: https connection issues using cfhttp
You are going to have to edit your hosts file and create a pointer for hub that directs it to 187.141.14.122. Then when you call the webservice, you'll use https://hub/...; to access it. I've been through this before as well and this should do it after you've imported the certificate from the site. -- Jeff Original Message From: Ian Chapman ian.chap...@melodimedia.co.uk Sent: Thursday, January 17, 2013 8:13 AM To: cf-talk cf-talk@houseoffusion.com Subject: https connection issues using cfhttp Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353952 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: https connection issues using cfhttp
Hi Russ, When saving the file from Firefox it gets saved by default as HUB.cer. And that's what I imported into the keystore. I did as a test tried saving as 187.141.14.122.cer but the filename is obviously arbitrary so didn't help. When I look at the certificate in Windows it says issued to HUB and issued by HUB. But I'm not sure how you'd create a certificate issued from 187.141.14.122. This is the end point so you can see the certificate in question if it helps. https://187.141.14.122:443/asg/services/SubscribeProductService Regards, Ian. -Original Message- From: Russ Michaels [mailto:r...@michaels.me.uk] Sent: 17 January 2013 15:30 To: cf-talk Subject: Re: https connection issues using cfhttp Is the ssl cert actually for the ip address, the error says it is for hub Regards Russ Michaels www.michaels.me.uk www.cfmldeveloper.com - Free CFML hosting for developers www.cfsearch.com - CF search engine On Jan 17, 2013 3:12 PM, Ian Chapman ian.chap...@melodimedia.co.uk wrote: Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353953 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: https connection issues using cfhttp
+1 what Jeff said. Dealt with this same issue here: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:64157 On Thu, Jan 17, 2013 at 9:37 AM, Jeff Garza j...@garzasixpack.com wrote: You are going to have to edit your hosts file and create a pointer for hub that directs it to 187.141.14.122. Then when you call the webservice, you'll use https://hub/...; to access it. I've been through this before as well and this should do it after you've imported the certificate from the site. -- Jeff Original Message From: Ian Chapman ian.chap...@melodimedia.co.uk Sent: Thursday, January 17, 2013 8:13 AM To: cf-talk cf-talk@houseoffusion.com Subject: https connection issues using cfhttp Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353954 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: https connection issues using cfhttp
that is your problem then, the cert does not match the hostname. so here are the options 1. create a hosts entry as others have said 2. get the person running the web service to assign a domain or sub-domain to it and create a cert for that domain. On Thu, Jan 17, 2013 at 3:46 PM, Ian Chapman ian.chap...@melodimedia.co.ukwrote: Hi Russ, When saving the file from Firefox it gets saved by default as HUB.cer. And that's what I imported into the keystore. I did as a test tried saving as 187.141.14.122.cer but the filename is obviously arbitrary so didn't help. When I look at the certificate in Windows it says issued to HUB and issued by HUB. But I'm not sure how you'd create a certificate issued from 187.141.14.122. This is the end point so you can see the certificate in question if it helps. https://187.141.14.122:443/asg/services/SubscribeProductService Regards, Ian. -Original Message- From: Russ Michaels [mailto:r...@michaels.me.uk] Sent: 17 January 2013 15:30 To: cf-talk Subject: Re: https connection issues using cfhttp Is the ssl cert actually for the ip address, the error says it is for hub Regards Russ Michaels www.michaels.me.uk www.cfmldeveloper.com - Free CFML hosting for developers www.cfsearch.com- CF search engine On Jan 17, 2013 3:12 PM, Ian Chapman ian.chap...@melodimedia.co.uk wrote: Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353955 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: https connection issues using cfhttp
Hi Jeff, I did see something like that suggested somewhere else but think I had misunderstood what I should point to the IP. Now you've said it like that it makes complete sense. That works a treat, connecting ok. Why didn't I post here earlier. :) Really appreciate your help. Regards, Ian. -Original Message- From: Jeff Garza [mailto:j...@garzasixpack.com] Sent: 17 January 2013 15:37 To: cf-talk Subject: re: https connection issues using cfhttp You are going to have to edit your hosts file and create a pointer for hub that directs it to 187.141.14.122. Then when you call the webservice, you'll use https://hub/...; to access it. I've been through this before as well and this should do it after you've imported the certificate from the site. -- Jeff Original Message From: Ian Chapman ian.chap...@melodimedia.co.uk Sent: Thursday, January 17, 2013 8:13 AM To: cf-talk cf-talk@houseoffusion.com Subject: https connection issues using cfhttp Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353956 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: https connection issues using cfhttp
Ok thanks John. I did search before posting but didn't see that. -Original Message- From: John M Bliss [mailto:bliss.j...@gmail.com] Sent: 17 January 2013 15:48 To: cf-talk Subject: Re: https connection issues using cfhttp +1 what Jeff said. Dealt with this same issue here: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:64157 On Thu, Jan 17, 2013 at 9:37 AM, Jeff Garza j...@garzasixpack.com wrote: You are going to have to edit your hosts file and create a pointer for hub that directs it to 187.141.14.122. Then when you call the webservice, you'll use https://hub/...; to access it. I've been through this before as well and this should do it after you've imported the certificate from the site. -- Jeff Original Message From: Ian Chapman ian.chap...@melodimedia.co.uk Sent: Thursday, January 17, 2013 8:13 AM To: cf-talk cf-talk@houseoffusion.com Subject: https connection issues using cfhttp Hi Guys, I've been wrestling with a problem calling a SOAP Web Service using cfhttp. The endpoint is an https URL to a server IP, not a host name. We are running MX7. Initially when I tried connecting I got the usual error response from an untrusted authority source: ErrorDetail: I/O Exception: peer not authenticated Usually when this happens we download the certificate (DER format saved as a .cer file) from the site using a browser and add it to the Java SDK truststore using the keytool -import command in the jrun/jre/lib folder. This all went ok and I can see the certificate when I list them using the keytool - list... command. This changed the error response to: ErrorDetail: I/O Exception: Name in certificate `hub' does not match host name `187.141.14.122' My first issue is very common and usually easy to resolve, but the latter has caused a lot of head banging. What I can tell is that it seems to be self signed certificate and feel this might be part of the problem. Any ideas? Regards, Ian. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353957 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm