Re: Wildcard Certificate and CFHTTP over SSL
What version is your SSL. SSLv3 can produce similar results. I had a similar situation and had to create a java class and seperate keystore for SSLv3 certificates. CFHTTP does not support SSLv3 and should not work at all, but in my situation I was able to connect to a testing platform (same cert), but not the production systems. Wes ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:278262 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Wildcard Certificate and CFHTTP over SSL
> I tried your site and get a connection error too, However I also > tried > one of our sites, also using a wildcard cert (not from the same > provider as yours) and that worked fine. > > Did you restart CF (or even all of JRun) after adding the CA cert to > the keystore? > > On 5/16/07, Colin Jones <[EMAIL PROTECTED]> wrote: > > We're running CFMX 7.0.2 (using JRun4) and have everything set up > and working with the exception that CFHTTP calls to our server, which > has a wildcard SSL certificate (*.rgu.ac.uk) are not working. > > > > My immediate suspicion is that when trying to connect to https://www. > rgu.ac.uk, CFHTTP is seeing the certificate as *.rgu.ac.uk, deciding > it is not a match for www.rgu.ac.uk and therefore rejecting the > connection. The root certifying authority has been added to trustStore, > ordinary CFHTTP connection work, as do CFHTTP to other SSL sites with > 'normal' certificates. > > -- > mxAjax / CFAjax docs and other useful articles: > http://www.bifrost.com. au/blog/ Yep - we definitely have restarted the servers. I'm not so sure about my original theory now either as our test servers also use the same wildcard certificate, and they appear to be able to connect using the wildcard without a problem... :( ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:278253 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Wildcard Certificate and CFHTTP over SSL
I tried your site and get a connection error too, However I also tried one of our sites, also using a wildcard cert (not from the same provider as yours) and that worked fine. Did you restart CF (or even all of JRun) after adding the CA cert to the keystore? On 5/16/07, Colin Jones <[EMAIL PROTECTED]> wrote: > We're running CFMX 7.0.2 (using JRun4) and have everything set up and working > with the exception that CFHTTP calls to our server, which has a wildcard SSL > certificate (*.rgu.ac.uk) are not working. > > My immediate suspicion is that when trying to connect to > https://www.rgu.ac.uk, CFHTTP is seeing the certificate as *.rgu.ac.uk, > deciding it is not a match for www.rgu.ac.uk and therefore rejecting the > connection. The root certifying authority has been added to trustStore, > ordinary CFHTTP connection work, as do CFHTTP to other SSL sites with > 'normal' certificates. -- mxAjax / CFAjax docs and other useful articles: http://www.bifrost.com.au/blog/ ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:278252 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Wildcard Certificate and CFHTTP over SSL
We're running CFMX 7.0.2 (using JRun4) and have everything set up and working with the exception that CFHTTP calls to our server, which has a wildcard SSL certificate (*.rgu.ac.uk) are not working. My immediate suspicion is that when trying to connect to https://www.rgu.ac.uk, CFHTTP is seeing the certificate as *.rgu.ac.uk, deciding it is not a match for www.rgu.ac.uk and therefore rejecting the connection. The root certifying authority has been added to trustStore, ordinary CFHTTP connection work, as do CFHTTP to other SSL sites with 'normal' certificates. Anyone any idea why CFHTTP calling an https:// page would be failing - perhaps because of the wildcard certificate - and if so what we can do to fix this? Cheers, Colin. ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:278251 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
