Re: SSL certificate problem with 3rd party

I was helping Jason with this a bit before he posted here, but didn’t have time to do full tests. I have run into this situation before and that time it ‘automagically’ started working the next day with an unaltered keystore. Arg! So this issue: I have a Win 7 VM with CF8.0.1 fully patched a

Re: SSL certificate problem with 3rd party

Simply stating it works on ColdFusion 10 is meaningless. ColdFusion 10 installs with Java 1.6 by default. So unless you’ve patched CF10 and explicitly installed Java 1.7 and edited your jvm.config to use Java 1.7 you are still on Java 1.6. Wil Genovese Owner / Sr Web Application Developer

Re: SSL certificate problem with 3rd party

> FYI, I tried things out on CF 10, and it appears to accept these types of > certificates without issue. What's the JVM version you're using on that installation? -Justin ~| Order the Adobe Coldfusion Anthology now! http://ww

Re: SSL certificate problem with 3rd party

Apologies, Justin is correct. I tested this on one of our CF 8 servers and the host file/IP manipulation worked as stated. I'm so used to dealing with the * certificate issue, I wasn't aware this wasn't the case for the new certificates with the multiple names. FYI, I tried things out on CF 10,

Re: SSL certificate problem with 3rd party

> You will need to import the star (*) certificate into the keystore for the > java instance ColdFusion is running upon. > > Basically ColdFusion doesn't like to speak to *.domain.com certificates (I > think CF10 doesn't mind so much), as it is not an exact match to the URL it > is attempting to

Re: SSL certificate problem with 3rd party

You will need to import the star (*) certificate into the keystore for the java instance ColdFusion is running upon. Basically ColdFusion doesn't like to speak to *.domain.com certificates (I think CF10 doesn't mind so much), as it is not an exact match to the URL it is attempting to access. t

Re: SSL certificate problem with 3rd party

> Can anyone provide assistance as to why CF 8.0.1 isn't happy > with this certificate? It sounds like they're using a certificate with multiple embedded hostnames (known as alternative names) which is not supported by Java 6. Importing the cert into the java cert cache won't help. You will nee

Re: SSL certificate problem with 3rd party

I dealt with this same problem. In my case, solution was to edit hosts file on server(s) so that internetsecure.com and test.internetsecure.com both have the same IP and then, in your cfhttp, use the name that matches the cert. On Thu, Jan 16, 2014 at 3:05 PM, Jason Durham wrote: > > A payment

Re: SSL certificate problem with 3rd party

Is it a 2048 bit cert? I seem to remember CF8 needing a patch to handle those. Jon On Jan 16, 2014, at 3:05 PM, Jason Durham wrote: > > A payment processor changed one of their certificates which is causing CF > to throw an exception when we try to connect via CFHTTP using SSL. > > The err

Re: SSL certificate problem with 3rd party

If I remember correctly, the JVM keeps it's own cache of certificates. I'd search for the commands to remove a cert from the built-in java keystore. It's pretty simple using the keytool app but you might need to restart CF to make it take. -Jake On Thu, Jan 16, 2014 at 2:05 PM, Jason Durham

Re: SSL on CFquery

Thanks Russ, ill take a look into this >You don't, afaik ypu simply need the client cert in the java keystore. >See this >http://dev.mysql.com/doc/refman/5.0/en/connector-j-reference-using-ssl.html > >There is a handu cfadmin extension on riaforge.org for managing your >keystore. > >Regards >Russ

Re: SSL on CFquery

You don't, afaik ypu simply need the client cert in the java keystore. See this http://dev.mysql.com/doc/refman/5.0/en/connector-j-reference-using-ssl.html There is a handu cfadmin extension on riaforge.org for managing your keystore. Regards Russ Michaels www.michaels.me.uk www.cfmldeveloper.co

Re: SSL on CFquery

Hi, We have a further issue with this. The hosting company have installed the SSL certificate on the database and provided us with the details of where the certificate is stored. However, in the CF connection string it asks to provide the url of the certificate. I am confused about how to g

Re: SSL on CFquery

Perfect! Many thanks Russ :) > Do the following to enable SSL connection: > > 1. > > In the ColdFusion Administrator, go to Data & Services > Data Sources. > > 2. > > Select the data source to enable SSL Connection. > 3. > > In the data source page, click Show Advance

Re: SSL on CFquery

Do the following to enable SSL connection: 1. In the ColdFusion Administrator, go to Data & Services > Data Sources. 2. Select the data source to enable SSL Connection. 3. In the data source page, click Show Advanced Settings. 4. In the Connection String text box, spec

Re: SSL Connections To Oracle

Thanks Russ. In looking at that document, for Oracle, it refers to two properties: "KeyStore=path to keystore; and TrustStore=path to keystore;". On Linux, would these to paths point to the "cacerts" file in %CF_Install_Path%/runtime/jre/lib/security? > Dont know if this applies to cf8 but >

Re: SSL Connections To Oracle

Dont know if this applies to cf8 but http://help.adobe.com/en_US/ColdFusion/9.0/Admin/WS50260aa90e50c24b-32f8955c122c2720693-7fff.html Regards Russ Michaels On Jul 23, 2012 3:20 PM, "Robert Nurse" wrote: > > Hello All, > > Has anyone ever configured CF8 (Linux) datasources that used SSL > conne

Re: SSL Connection to Postgresql

> > Thank you for the direction!  My only question with this is that the > host box is creating this keystore, so how will it be moved to the > remote client > > box? > > The server and client will have separate keystores. You simply need > to > use keytool to import the server's certificates

Re: SSL Connection to Postgresql

> Thank you for the direction!  My only question with this is that the host box > is creating this keystore, so how will it be moved to the remote client > box? The server and client will have separate keystores. You simply need to use keytool to import the server's certificates into the client'

Re: SSL Connection to Postgresql

> > I have a remote Redhat 5.0 box running PostgreSQL 8.0 and it's set > to accept SSL connections only.  I have the 3 root/cert files > necessary for > > the handshaking to occur between host and client.  The datasource to > the box works fine when unencrypted: jdbc:postgresql://x.x.x.x/main

Re: SSL Connection to Postgresql

> > I have a remote Redhat 5.0 box running PostgreSQL 8.0 and it's set > to accept SSL connections only.  I have the 3 root/cert files > necessary for > > the handshaking to occur between host and client.  The datasource to > the box works fine when unencrypted: jdbc:postgresql://x.x.x.x/main

Re: SSL Connection to Postgresql

> I have a remote Redhat 5.0 box running PostgreSQL 8.0 and it's set to accept > SSL connections only.  I have the 3 root/cert files necessary for > the handshaking to occur between host and client.  The datasource to the box > works fine when unencrypted: jdbc:postgresql://x.x.x.x/main (with >

Re: ssl

If you are using IIS, this page got me going. http://eduncan911.com/blog/getting-godaddy-ssls-working-in-firefox-on-iis.aspx ~Mahcsig On Fri, Oct 2, 2009 at 2:39 PM, denstar wrote: > > Maybe you need to install t

Re: ssl

Maybe you need to install the "intermediate" certificate? Usually the cert provider gives it to you with the cert. In apache httpd.conf it goes in like this: SSLCertificateFile "/path/to/your.crt" SSLCertificateKeyFile "/path/to/your.key" SSLCertificateChainFile "/path/to/your/chainFile.crt" -

RE: ssl

t: Friday, October 02, 2009 3:44 PM > To: cf-talk > Subject: RE: ssl > > > I think that simply translates what the user typed. If they typed in the > www, then it will be part of it. If not, it won't. The CGI doesn't look > into your web server to see what your actual d

RE: ssl

Dave -Original Message- From: Chad Gray [mailto:cg...@careyweb.com] Sent: Friday, October 02, 2009 2:35 PM To: cf-talk Subject: RE: ssl OH.. hang on it only errors in firefox. I tried IE and the certificate and my original code work fine (after I remove the www.) CGI.ServerName does inclu

RE: ssl

what your results actually are with different attempts. Dave -Original Message- From: Chad Gray [mailto:cg...@careyweb.com] Sent: Friday, October 02, 2009 2:30 PM To: cf-talk Subject: RE: ssl I tried this code and it takes me to http://www.www.beeculture.com/ www. Should not

RE: ssl

: Chad Gray [mailto:cg...@careyweb.com] > Sent: Friday, October 02, 2009 3:30 PM > To: cf-talk > Subject: RE: ssl > > > I tried this code and it takes me to http://www.www.beeculture.com/ > > www. Should not be part of CGI.ServerName right? > > > > > -

RE: ssl

I tried this code and it takes me to http://www.www.beeculture.com/ www. Should not be part of CGI.ServerName right? > -Original Message- > From: Dave Phillips [mailto:experiencedcfdevelo...@gmail.com] > Sent: Friday, October 02, 2009 3:16 PM > To: cf-talk > S

Re: ssl

> I have some code in application.cfm that is supposed to re-direct the user to > a non-ssl version of the page. > > > >         >                 url="http://www.#CGI.SERVER_NAME##CGI.PATH_INFO#?#CGI.QUERY_STRING#"; > addtoken="no"> >         >                http://www.#CGI.SERVER_NAME##CGI.

RE: ssl

riginal Message- From: Chad Gray [mailto:cg...@careyweb.com] Sent: Friday, October 02, 2009 3:06 PM To: cf-talk Subject: RE: ssl I remove the code and hit the web site with ssl and it works fine. I know the certificate is good. https://www.beeculture.com/ This one has me stumped. >

RE: ssl

Maybe Firefox is trying to protect a user from hitting an SSL page that has been hijacked somehow Dave -Original Message----- From: Chad Gray [mailto:cg...@careyweb.com] Sent: Friday, October 02, 2009 2:06 PM To: cf-talk Subject: RE: ssl I remove the code and hit the web

RE: ssl

8 PM > To: cf-talk > Subject: RE: ssl > > > My guess is you don't have a valid security certificate on the server. If > you have any cert installed, Firefox is first going to get that cert info > from the web server before your request ever gets to ColdFusion. What yo

RE: ssl

My guess is you don't have a valid security certificate on the server. If you have any cert installed, Firefox is first going to get that cert info from the web server before your request ever gets to ColdFusion. What you probably need to do is turn off the SSL on that site if you don't want peo

Re: SSL and https in ColdFusion

Sorry for the confusion...what I meant was that since AJAX requests are just HTTP requests, they too should follow the same guidelines. I believe if you are using SSL on the page, any AJAX calls form the CF stuff should also use SSL. On Tue, Sep 8, 2009 at 9:29 AM, Tom Chiverton wrote: > > On Tue

Re: SSL and https in ColdFusion

On Mon, Sep 7, 2009 at 4:52 PM, Richard McKenna wrote: > > Also I take it any cfincludes will automatically be called over https as > these are done before the file is sent to the browser? > You've gotten replies for the other issues, so I"ll just handle the cfinclude issue. You pretty much ans

Re: SSL and https in ColdFusion

On Tuesday 08 Sep 2009, Scott Stroz wrote: > The bindings will call the onRequest in App.cfc as that is juts a > regular ole HTTP request. Are you saying even on HTTPS pages, CFAJAX calls go over HTTP, not HTTPS ? -- Helping to preemptively generate synergistic infrastructures as part of the IT

Re: SSL and https in ColdFusion

For images/css/js files, if you use a relative path, the browser will automatically use the protocol for the current page, so if your page is HTTPS and you use a relative path for an image, the image will be loaded using HTTPS. The bindings will call the onRequest in App.cfc as that is juts a reg

Re: SSL (HTTPS) Web Service

Casey Dougall wrote: > I'm having the same issue here. Did these posts solve anything for ya Ian? Solve, no. The requirement went away. So I just filed these links away for future reference for the next time I have to deal with this issue.

Re: SSL (HTTPS) Web Service

I'm having the same issue here. Did these posts solve anything for ya Ian? On Thu, Mar 20, 2008 at 9:45 AM, Ian Skinner <[EMAIL PROTECTED]> wrote: > Is there some trick to consuming a web service over HTTPS(SSL) in > ColdFusion. I keep getting a " > > > Cannot generate stub objects for web ser

Re: SSL (HTTPS) Web Service

http://www.talkingtree.com/blog/index.cfm/2004/7/1/keytool http://www.coldfusionmuse.com/index.cfm/2005/01/29/keystore http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_19139 On Thu, Mar 20, 2008 at 11:36 PM, Ian Skinner <[EMAIL PROTECTED]> wrote: > James Holmes wrote: > > If the ser

Re: SSL (HTTPS) Web Service

James Holmes wrote: > If the server certificate is self-signed, you might need to import the > root Certificate Authority into your CF server keystore. I was afraid somebody was going to say something like that. Much of that is Greek to me. Any good step-by-step, fool-proof how to on just how

Re: SSL (HTTPS) Web Service

If the server certificate is self-signed, you might need to import the root Certificate Authority into your CF server keystore. On Thu, Mar 20, 2008 at 10:45 PM, Ian Skinner <[EMAIL PROTECTED]> wrote: > Is there some trick to consuming a web service over HTTPS(SSL) in > ColdFusion. I keep gettin

RE: SSL Necessary? Important?

Oh, come on James! What's a little cannibalism between friends! :o) > -Original Message- > From: James Holmes [mailto:[EMAIL PROTECTED] > Sent: Friday, January 25, 2008 6:44 PM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > Depending on local laws

Re: SSL Necessary? Important?

oblem. And we all try to balance > user-friendliness and security. But someone is always being bitten. > Everyone is just playing a game of Russian Roulette and hoping we're > not the one facing a round in the chamber. > > Rick > > > -Original Message- > >

RE: SSL Necessary? Important?

isk if somebody finds out about their user name and password and abuses it. At least that's my take... Rick > -Original Message----- > From: Todd [mailto:[EMAIL PROTECTED] > Sent: Friday, January 25, 2008 12:52 PM > To: CF-Talk > Subject: Re: SSL Necessary? Important

RE: SSL Necessary? Important?

Russian Roulette and hoping we're not the one facing a round in the chamber. Rick > -Original Message- > From: Claude Schneegans [mailto:[EMAIL PROTECTED] > Sent: Friday, January 25, 2008 1:36 PM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > >>I

RE: SSL Necessary? Important?

> Here's some of the "Terms" for use of Zillow.com... a Real > Estate listing website. > > 9. LIABILITY LIMITATION; EXCLUSIVE REMEDY. IN NO EVENT WILL > ZILLOW.COM OR ANY SUPPLIER BE LIABLE FOR ANY DAMAGES ... > > Now that pretty iron-clad legally, I think, that no matter > what you do, passwo

Re: SSL Necessary? Important?

>>IN NO EVENT WILL ZILLOW.COM OR ANY SUPPLIER BE LIABLE FOR ANY DAMAGES I'm sorry, but just from the very begining, this statement has absolutely no value. I hope you didn't pay a lawyer to write it. Nobody can state, in advance on not that "he is not liable or responsible". ONLY a judge in cou

Re: SSL Necessary? Important?

I'm not sure how Zillow.com's terms supports your "My strong password or else" argument (which is what I thought this was) as all you did was show me their terms of use. Now try to find one one here - http://www.sharebuilder.com/sharebuilder/Security/Default.aspx I can choose any password I want

RE: SSL Necessary? Important?

> Anyway, the problem with strong passwords is they're not > easily, if at all, memorable. That doesn't have to be true: http://en.wikipedia.org/wiki/Passphrase Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instructio

Re: SSL Necessary? Important?

I can assure you that I'm not your wife and there are some areas where I'm very cut to the chase and other areas where I have learned to be more flexible I guess. :) On Jan 25, 2008 11:40 AM, Rick Faircloth wrote: > You sound like my wife who's always telling me to be more civil and stop > that "

RE: SSL Necessary? Important?

IL PROTECTED] > Sent: Friday, January 25, 2008 11:04 AM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > Rick, > > I get it. I do. What I'm suggesting is instead of cramming down a password > down the throat to use clearly written english description of wh

RE: SSL Necessary? Important?

count, I wouldn't have a clue for awhile. Rick > -Original Message- > From: Todd [mailto:[EMAIL PROTECTED] > Sent: Friday, January 25, 2008 11:04 AM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > Rick, > > I get it. I do. What I

Re: SSL Necessary? Important?

Rick, I get it. I do. What I'm suggesting is instead of cramming down a password down the throat to use clearly written english description of what a STRONG password would be and to use validation to determine what's a strong / weak passwords. There's plenty of javascript / serverside validatio

RE: SSL Necessary? Important?

> From: Todd [mailto:[EMAIL PROTECTED] > Sent: Friday, January 25, 2008 9:35 AM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > Would you consider gmail to be pretty important if you used it daily like I > do? Let's take a look at what Google says in their

Re: SSL Necessary? Important?

Would you consider gmail to be pretty important if you used it daily like I do? Let's take a look at what Google says in their EULA: = 6. Your passwords and account security 6.1 You agree and understand that you are responsible for maintaining

RE: SSL Necessary? Important?

f a poor choice which leads to your ruin. I'm not going down with you... I think that's fair. I'll be most EUA's have something like that buried in their "legalize". Thoughts? Rick > -Original Message- > From: Todd [mailto:[EMAIL PROTECTED] > Se

Re: SSL Necessary? Important?

Rick, is it really not possible to compromise? It's one thing to enforce and shove a password down my throat... it's something else to educate the end-user on what a "strong" password is. On Jan 25, 2008 8:46 AM, Rick Faircloth <[EMAIL PROTECTED]> wrote: > No problem... if you won't let me choos

RE: SSL Necessary? Important?

Message- > From: Rick Root [mailto:[EMAIL PROTECTED] > Sent: Friday, January 25, 2008 8:20 AM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > On 1/24/08, Rick Faircloth <[EMAIL PROTECTED]> wrote: > > One solution that I have used is to allow users to choose

Re: SSL Necessary? Important?

On 1/24/08, Rick Faircloth <[EMAIL PROTECTED]> wrote: > One solution that I have used is to allow users to choose their username, > usually just their email address, but I force a very strong password > on them generated with CF. Nothing annoys me more, personally, than a web site that won't let m

RE: SSL Necessary? Important?

> Is the SSL encryption overkill for something like this? Or > would it be advisable? How big a security risk is there for > personal info like this? The security risk is probably acceptable for your client, even if they don't know that. However, it's so cheap to use SSL that you might as well

Re: SSL Necessary? Important?

On 1/24/08, Dawson, Michael <[EMAIL PROTECTED]> wrote: > It doesn't matter whose responsibility it is. If a bank account gets > hacked because of the church's web site, it will hurt the credibility of > the church. Yeah but God will protect them from that. Damn, now I'm going to hell. -- Rick

Re: SSL Necessary? Important?

>>In a world of paranoia, SSL is *NEVER* overkill for protecting logins of any kind. provided you assume paranoia... -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [

RE: SSL Necessary? Important?

, but it's for their protection and mine. And if they forget that password, the system simply issues another equally strong one. Rick > -Original Message- > From: Todd [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 24, 2008 2:58 PM > To: CF-Talk > Subject: Re: SSL

Re: SSL Necessary? Important?

Yeah, I will agree with that. I'm two minds of this apparently. It's one thing if a simple forum has my username/password stolen, quite something different if my SSN was stolen. My co-worker gave the argument that if a username/password can be traced back to you and additional information can be

RE: SSL Necessary? Important?

r guy even if the other guy gots not smarts. M!ke -Original Message- From: Todd [mailto:[EMAIL PROTECTED] Sent: Thursday, January 24, 2008 1:58 PM To: CF-Talk Subject: Re: SSL Necessary? Important? o_O Mike, if your bank account gets hacked dude because YOU used the same username/passwor

RE: SSL Necessary? Important?

o: CF-Talk Subject: Re: SSL Necessary? Important? >>Then, I sign up for your church's web site and use the same username and password combination. Now, if someone sniffs that unsecured connection, they now have my bank username and password. Ok, but it is not the church responsibilit

Re: SSL Necessary? Important?

On 1/24/08, Todd <[EMAIL PROTECTED]> wrote: > While I agree that account identifying information should be encrypted in > the database, I don't agree that the church is responsible for the end > user's stupidity of using the same username/password for every website out > there. I would agree, I us

Re: SSL Necessary? Important?

o_O Mike, if your bank account gets hacked dude because YOU used the same username/password for every site the only person to blame here is YOU. I'm sorry, but this thinking is just way backwards. Should the church also be responsible if someone stole your ATM card and the PIN number just happen

RE: SSL Necessary? Important?

>While I agree that account identifying information should be encrypted in the database, I don't agree that the church is responsible for the end user's stupidity of using the same username/password for every website out there. I agree, but tell this to all of the non-techies out there. We run ac

RE: SSL Necessary? Important?

Very true... thanks, Michael. Rick > -Original Message- > From: Dawson, Michael [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 24, 2008 9:58 AM > To: CF-Talk > Subject: RE: SSL Necessary? Important? > > I don't think SSL is always necessary. It depends on

Re: SSL Necessary? Important?

On Jan 24, 2008 9:57 AM, Dawson, Michael <[EMAIL PROTECTED]> wrote: > For example, I may log in to my bank's web site using "michael" and > "password". The bank's web site is secure so I no worry. > > Then, I sign up for your church's web site and use the same username and > password combination.

Re: SSL Necessary? Important?

>>Then, I sign up for your church's web site and use the same username and password combination. Now, if someone sniffs that unsecured connection, they now have my bank username and password. Ok, but it is not the church responsibility to protect you bank username and password. It's your proble

RE: SSL Necessary? Important?

I don't think SSL is always necessary. It depends on the content. However, it is pretty common that many people use the same username and password for many different systems. For example, I may log in to my bank's web site using "michael" and "password". The bank's web site is secure so I no wo

Re: SSL Necessary? Important?

Rick, Don't believe anything dave says. He's just disrupting again. Anyway, do *I* look like I would make fun of you? :) Will ~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Fr

RE: SSL Necessary? Important?

'll come in soon. Wouldn't want to miss it, you know! > -Original Message- > From: Dave l [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 23, 2008 8:54 PM > To: CF-Talk > Subject: Re: SSL Necessary? Important? > > umm sha i meant > > > Will is tryi

Re: SSL Necessary? Important?

lol, so prove me wrong!!! captain lady killer ;)~ >Rick, > >Don't believe anything dave says. He's just disrupting again. > >Anyway, do *I* look like I would make fun of you? :) > >Will ~| Adobe® ColdFusion® 8 software 8 is

Re: SSL Necessary? Important?

Will is trying to make fun of u (yes again) but the way I look at it at least you have more than 1 client, he can't say that :) You can use ssl on there with no big deal. If you aren't encrypting your passwords then sure it could be a big deal if someone gets ahold of their username and password

Re: SSL Necessary? Important?

umm sha i meant > Will is trying to make fun of u (yes again) but the way I look at it > at least you have more than 1 client, he can't say that :) > > You can use ssl on there with no big deal. > If you aren't encrypting your passwords then sure it could be a big > deal if someone gets ahold o

Re: SSL Installation

Disable port 80 listening :-) "This e-mail is from Reed Exhibitions (Gateway House, 28 The Quadrant, Richmond, Surrey, TW9 1DN, United Kingdom), a division of Reed Business, Registered in England, Number 678540. It contains information which is confidential and may also be privileged. It is

RE: SSL Installation

Check the port. Something like this: https://www.domain.com";> HTH Marius Milosav ScorpioSoft Corp. www.scorpiosoft.com -Original Message- From: Robert Rawlins - Think Blue [mailto:[EMAIL PROTECTED] Sent: June 21, 2007 5:26 PM To: CF-Talk Subject: SSL Installation Hello Guys

RE: SSL Installation

mailto:[EMAIL PROTECTED] > Sent: Thursday, June 21, 2007 8:45 PM > To: CF-Talk > Subject: RE: SSL Installation > > > I've now installed my shiny new ssl certificate and it seems > > to work just lovely, if I browse the https:// address then I > > get the little loc

RE: SSL Installation

> I've now installed my shiny new ssl certificate and it seems > to work just lovely, if I browse the https:// address then I > get the little lock and all that jazz, now, how do i button > down the hatches so the https:// version is the only version > accessibly on my site? I'm running win2k3

Re: SSL Installation

This is off the top of my head but in CF you can do: https://blah.com";> On 6/21/07, Robert Rawlins - Think Blue <[EMAIL PROTECTED]> wrote: > > Hello Guys, > > > > I kind of feel a little silly asking this, but net admin never was my > strong > point... > > > > I've now installed my shiny

RE: SSL Domain redirect without error message

> -Original Message- > From: Dave Watts [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 17, 2007 7:49 PM > To: CF-Talk > Subject: RE: SSL Domain redirect without error message > > > Either I'm doing something wrong or the only way to do it is > > to g

RE: SSL Domain redirect without error message

> Like always you are right. I wish. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visi

Re: SSL Domain redirect without error message

Thanks Dave, Like always you are right. As per my previous email, I think it's working the way it should and the certificate is given for certain domain and one shouldn't be able to change it willy nilly. It will defeat the purpose Thanks Victor On 4/17/07, Dave Watts <[EMAIL PROTECTED]> wrote:

RE: SSL Domain redirect without error message

> Either I'm doing something wrong or the only way to do it is > to get a wild card ssl certificate that covers both domains : > www.xyzdomain.com and xyzdomain.com You're not doing anything wrong, and that's exactly what you'll have to do if you want people to be ab

RE: SSL Domain redirect without error message

> You would need to do this at the web server level. Are you > running Apache or IIS? If you're running Apache, I could give > you some code that would do this for you. ;) If you're > running IIS, Google for information on setting up a 301 redirect. > > Because this redirection is done at the w

Re: SSL Domain redirect without error message

Hi Stephens, I'm afraid this won't work either. Your SSL certificate is for basketbasics.com domain. if you type https://www.basketbasics.com you will get a browser notification message and thinking about the purpose of a SSL certificate it makes sense. Thanks Victor On 4/17/07, Stephens, Larry

RE: SSL Domain redirect without error message

I have a certificate on my basketbasics.com account (in that name). I use a javascript redirect in the root that redirects either basketbasics.com or www.basketbasics.com and it works okay for me. (See below) I don't know if how the certificate is installed is a function of this or not.

Re: SSL Domain redirect without error message

You would need to do this at the web server level. Are you running Apache or IIS? If you're running Apache, I could give you some code that would do this for you. ;) If you're running IIS, Google for information on setting up a 301 redirect. Because this redirection is done at the web server le

Re: SSL Domain redirect without error message

You know, the best thing to do might be to give them a "domain not found" error when they enter in xyzdomain.com. That way, they do recheck the address. George On 4/17/07, George Abraham <[EMAIL PROTECTED]> wrote: > > Hmm, that is true, the middle site would also have to have the SSL cert > cover

Re: SSL Domain redirect without error message

Hmm, that is true, the middle site would also have to have the SSL cert cover it. George On 4/17/07, Victor Moore <[EMAIL PROTECTED]> wrote: > > Hi George, > > Thank you for your response. Unfortunately it won't work (as far as I can > tell). > I am ding a redirection now, but the message pops up

Re: SSL Domain redirect without error message

Hi George, Thank you for your response. Unfortunately it won't work (as far as I can tell). I am ding a redirection now, but the message pops up before the redirection occurs. Either I'm doing something wrong or the only way to do it is to get a wild card ssl certificate that covers both domains :

Re: SSL Domain redirect without error message

Victor, If you do have access to the web server's configuration, why not define a site called https://xyzdomain.com and then have a single page in the home directory there that redirects to the correct site: https://www.xyzdomain.com? I usually have a single such directory that I have all such site

Re: SSL and Flash

al Message- From: Matthew Irwin To: CF-Talk Sent: Fri Dec 01 20:45:24 2006 Subject: Re: SSL and Flash I understand that an that port is open. But would you know as to why my Flash Forms will not appear unless I put it under a vitual directery that is not SSL. Is there a setting in Cold Fusion I

RE: SSL and Flash

If you mean you're displaying a page within SSl and it isn't showing, that's mainly because the code to embed it is referencing non-https urls. Check the embed/object tag to see if the codebase url and the others also point to their SSL mirrors. Cheers, !k -Original Message- From: Matth

Re: SSL and Flash

I understand that an that port is open. But would you know as to why my Flash Forms will not appear unless I put it under a vitual directery that is not SSL. Is there a setting in Cold Fusion I am missing? Thanks >Well 443 is the SSL port. > > > > > >"This e-mail is from Reed Exhibitions (Gateway

  1   2   3   4   5   >