?
Solved

setting properties of a webservice secured by SSL

Posted on 2008-11-14
5
Medium Priority
?
826 Views
Last Modified: 2012-05-05
I am connecting to a webservice secured by SSL v3.  Although I have the cert in my keystore it is failing.  I found that if I browse the webservice from my server using IE (with less forgiving security settings), I can see this error appear:

       Revocation Information for the security certificate is not available.  Do you want to proceed?

 But it leads me to suspect that my webservice's connection error is being caused by my webservice not being able to respond to this question with a Yes or No answer.

I am using Coldfusion, which sits on top of Java.  Is there a way to tell it to ignore certificate errors?
Alternatively, how could the certificate holder update the certificate to keep this error from happening?

Here's some sample code...


<cfset wsargs = structnew()>
<cfset wsargs.refreshwsdl="yes">
 
<CFSET javaSystem = createObject("java", "java.lang.System") />
<CFSET prop = javaSystem.getProperties() />
<CFSET prop.setProperty("javax.net.ssl.trustStore", "D:\CFusion8\runtime\jre\lib\security\cacerts") />
<CFSET prop.setProperty("javax.net.ssl.trustStorePassword", "changeit") />
 
<cfset ws = CreateObject("webservice","https://theirWebSite.com/ws2008/service.asmx?wsdl", wsargs)>
<cfset ws._setProperty("axis.transport.version", "1.1")>

Open in new window

0
Comment
Question by:gdemaria
  • 3
  • 2
5 Comments
 
LVL 1

Expert Comment

by:visorx
ID: 22967694
Check if you can navigate to CRL url. You can get it in certificate information window in IE. Copy the CRL url and paste in IE. IE should be able to reach it.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 22967840
Thanks for responding visorx!   I have posted this issue in many places and gotten nothing - I really appreciate it!

The image shows the certificate file, this seems to be the path you're referring to.   It does open a file when placed in the browser URL on my server.

http://crl.verisign.com/Class3InternationalServer.crl

Therefore, as you suggesting the issue is something else?

certificateDetail.jpg
0
 
LVL 1

Accepted Solution

by:
visorx earned 2000 total points
ID: 22968278
Ok this may seems little messy to me. I'll try to help but I can only guide you to possible solution.
Actually two possibilities for this error are there: first is that the IE browser is not able to verify the certificate and another one is that the certificate itself is not valid.
For the first problem:
1. Verify that Internet Explorer is configured to use SSL 2.0 and SSL 3.0. (Internet tools->options->Advanced) Make sure that Use SSL 3.0 is chcked.
2. Verify that the Microsoft Cryptographic Services service is started. Start->Run->type "net start cryptsvc" and then press ENTER.
3. Verify that the date and time settings on your computer are correct.

For second possibility:
1. Make sure that Certificate expiry date is present and is valid.
2. If the publishing CA of the CRL does not match the issuing CA for the certificate for which certificate revocation is being checked, then the certificate revocation check fails.

Ok if all this fails then, we'll need to get more deep. If all this fails then please explain a little to me how you are expecting the authentication/verification to work.

Cheers

0
 
LVL 39

Author Comment

by:gdemaria
ID: 23106784

It turns out that Coldfusion 8 does not support SSL v3,  CF 9 is supposed to support it, due out next summer.

0
 
LVL 39

Author Closing Comment

by:gdemaria
ID: 31516943
Thanks very much for your efforts.

It turns out that Coldfusion 8 does not support SSL v3
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
In this post we will learn different types of Android Layout and some basics of an Android App.
Viewers learn about the “for” loop and how it works in Java. By comparing it to the while loop learned before, viewers can make the transition easily. You will learn about the formatting of the for loop as we write a program that prints even numbers…
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
Suggested Courses
Course of the Month15 days, 21 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question