Re: Re: [ACFUG Discuss] cfhttp and SSL
We got it finally... yeah the certs were a pain... I'm going to write up a blog post about the experience. Oh and fyi aparently there is a bug in java 1.4.x that your key cant be larger than 2048. On 10/24/06, Dean H. Saxe [EMAIL PROTECTED] wrote: Verifying the remote cert provides authentication of the remote server. So my guess would be that you didn't install the appropriate root certs correctly. -dhs Dean H. Saxe, CISSP, CEH [EMAIL PROTECTED] I have always strenuously supported the right of every man to his own opinion, however different that opinion might be to mine. He who denies another this right makes a slave of himself to his present opinion, because he precludes himself the right of changing it. -- Thomas Paine, 1783 On Oct 24, 2006, at 2:54 PM, Steven Ross wrote: Anyone used cfhttp with SSL? having a really fun time trying to set this up and get it going... i installed my certificate (at least i think i did it correctly)... i had to convert it from a pem file and then i installed it. Hoever now i am getting this in CF when i try to cfhttp with ssl: ErrorDetail: I/O Exception: peer not authenticated -- Steven Ross web application interface developer http://www.zerium.com [mobile] 404-488-4364 [fax] 928-484-4364 - To unsubscribe from this list, manage your profile @ http:// www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com - - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com - -- Steven Ross web application interface developer http://www.zerium.com [mobile] 404-488-4364 [fax] 928-484-4364 - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -
Re: Re: [ACFUG Discuss] cfhttp and SSL
Yeah it was a configuration issue on the cert and converting into javas weird format... once we got it installed cf was spitting out useful errors from java (at least). Thanks for the info dean... I don't know why a 4k key was generated to begin with but, good to know a 2k one is plenty. On 10/24/06, Max Immelman [EMAIL PROTECTED] wrote: Steven, I had issues with using a shared cert, but it like you are not sharing a cert. The prob. i had was that the application variables were not being passed on when entering a https page. So I had to come up with a work around. but again, I don't think you are sharing a cert. Max - Original Message - From: Steven Ross [EMAIL PROTECTED] To: ACFUG ColdFusion Discussion discussion@acfug.org Sent: Tuesday, October 24, 2006 2:54 PM Subject: [ACFUG Discuss] cfhttp and SSL Anyone used cfhttp with SSL? having a really fun time trying to set this up and get it going... i installed my certificate (at least i think i did it correctly)... i had to convert it from a pem file and then i installed it. Hoever now i am getting this in CF when i try to cfhttp with ssl: ErrorDetail: I/O Exception: peer not authenticated -- Steven Ross web application interface developer http://www.zerium.com [mobile] 404-488-4364 [fax] 928-484-4364 - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com - - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com - -- Steven Ross web application interface developer http://www.zerium.com [mobile] 404-488-4364 [fax] 928-484-4364 - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -