Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 670
  • Last Modified:

Unable to post to Secure URL using CFHTTP (Urgent)


 I have the following cfhttp call that PUTs an XML file to a secure URL.  

 It  works fine on an unsecure URL, but when we switch to test with a secure URL, it fails.

 This works...
<cfset variables.URL = "http://www.mydomain.com/services">

<cfhttp method = "PUT" url = "#variables.URL#" throwOnError = "No">
     <cfhttpparam type="xml" value="#variables.xmlContent#">
</cfhttp>

 Using this URL instead it fails  (note the https)
<cfset variables.URL = "https://www.mydomain.com/services">

 We are getting a "connection failure" error.

 The secure URL has been tested using another mechansim (other than coldfusion) and it is working.

 Thanks for your help!!

0
gdemaria
Asked:
gdemaria
  • 3
  • 2
1 Solution
 
SidFishesCommented:
this help?

To use HTTPS with the cfhttp tag, you might need to manually import the certificate for each web server into the keystore for the JRE that ColdFusion uses. This procedure should not be necessary if the certificate is signed (issued) by an authority that the JSSE (Java Secure Sockets Extension) recognizes (for example, Verisign); that is, if the signing authority is in the cacerts already. However, you might need to use the procedure if you are issuing SSL (secure sockets layer) certificates yourself.
To manually import a certificate:

   1. Go to a page on the SSL server in question.
   2. Double-click the lock icon.
   3. Click the Details tab.
   4. Click Copy To File.
   5. Select the base64 option and save the file.
   6. Copy the CER file into C:\CFusionMX7\runtime\jre\lib\security (or whichever JRE ColdFusion is using).
   7. Run the following command in the same directory (keytool.exe is located in C:\CFusionMX7\runtime\jre\bin):

      keytool -import -keystore cacerts -alias giveUniqueName -file filename.cer

http://livedocs.macromedia.com/coldfusion/7/htmldocs/wwhelp/wwhimpl/common/html/wwhelp.htm?context=ColdFusion_Documentation&file=00000272.htm
0
 
gdemariaAuthor Commented:

 Thanks SidFishes, I am persuing that avenue but a couple stumbling blocks.

 - the certificate is signed but not by Verisign, so its unclear if its recognized or not by JSEE.  Presumably it would be.
 - we are using Linux, which the directions don't cover but..
 - we installed on Windows (following your directions above) and tested and it didn't work there

  thanks again - any more ideas greatly appreciated !
0
 
SidFishesCommented:
What version of JRE are you using?

 cfhttp needs 1.4 to work

http://www.houseoffusion.com/groups/CF-Talk/thread.cfm/threadid:25206
0
 
gdemariaAuthor Commented:

 Thanks Sid, I will check that out!   The urgency has subsided with a work-around.. phew..
0
 
gdemariaAuthor Commented:

 Thanks very much!

  Sorry I didn't return sooner to close the question
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now