Unable to post to Secure URL using CFHTTP (Urgent)

gdemaria
gdemaria used Ask the Experts™
on

 I have the following cfhttp call that PUTs an XML file to a secure URL.  

 It  works fine on an unsecure URL, but when we switch to test with a secure URL, it fails.

 This works...
<cfset variables.URL = "http://www.mydomain.com/services">

<cfhttp method = "PUT" url = "#variables.URL#" throwOnError = "No">
     <cfhttpparam type="xml" value="#variables.xmlContent#">
</cfhttp>

 Using this URL instead it fails  (note the https)
<cfset variables.URL = "https://www.mydomain.com/services">

 We are getting a "connection failure" error.

 The secure URL has been tested using another mechansim (other than coldfusion) and it is working.

 Thanks for your help!!

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
this help?

To use HTTPS with the cfhttp tag, you might need to manually import the certificate for each web server into the keystore for the JRE that ColdFusion uses. This procedure should not be necessary if the certificate is signed (issued) by an authority that the JSSE (Java Secure Sockets Extension) recognizes (for example, Verisign); that is, if the signing authority is in the cacerts already. However, you might need to use the procedure if you are issuing SSL (secure sockets layer) certificates yourself.
To manually import a certificate:

   1. Go to a page on the SSL server in question.
   2. Double-click the lock icon.
   3. Click the Details tab.
   4. Click Copy To File.
   5. Select the base64 option and save the file.
   6. Copy the CER file into C:\CFusionMX7\runtime\jre\lib\security (or whichever JRE ColdFusion is using).
   7. Run the following command in the same directory (keytool.exe is located in C:\CFusionMX7\runtime\jre\bin):

      keytool -import -keystore cacerts -alias giveUniqueName -file filename.cer

http://livedocs.macromedia.com/coldfusion/7/htmldocs/wwhelp/wwhimpl/common/html/wwhelp.htm?context=ColdFusion_Documentation&file=00000272.htm

 Thanks SidFishes, I am persuing that avenue but a couple stumbling blocks.

 - the certificate is signed but not by Verisign, so its unclear if its recognized or not by JSEE.  Presumably it would be.
 - we are using Linux, which the directions don't cover but..
 - we installed on Windows (following your directions above) and tested and it didn't work there

  thanks again - any more ideas greatly appreciated !
What version of JRE are you using?

 cfhttp needs 1.4 to work

http://www.houseoffusion.com/groups/CF-Talk/thread.cfm/threadid:25206

 Thanks Sid, I will check that out!   The urgency has subsided with a work-around.. phew..

 Thanks very much!

  Sorry I didn't return sooner to close the question

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial