setting properties of a webservice secured by SSL

Posted on 2008-11-14
Last Modified: 2012-05-05
I am connecting to a webservice secured by SSL v3.  Although I have the cert in my keystore it is failing.  I found that if I browse the webservice from my server using IE (with less forgiving security settings), I can see this error appear:

       Revocation Information for the security certificate is not available.  Do you want to proceed?

 But it leads me to suspect that my webservice's connection error is being caused by my webservice not being able to respond to this question with a Yes or No answer.

I am using Coldfusion, which sits on top of Java.  Is there a way to tell it to ignore certificate errors?
Alternatively, how could the certificate holder update the certificate to keep this error from happening?

Here's some sample code...

<cfset wsargs = structnew()>

<cfset wsargs.refreshwsdl="yes">

<CFSET javaSystem = createObject("java", "java.lang.System") />

<CFSET prop = javaSystem.getProperties() />

<CFSET prop.setProperty("", "D:\CFusion8\runtime\jre\lib\security\cacerts") />

<CFSET prop.setProperty("", "changeit") />

<cfset ws = CreateObject("webservice","", wsargs)>

<cfset ws._setProperty("axis.transport.version", "1.1")>

Open in new window

Question by:gdemaria
    LVL 1

    Expert Comment

    Check if you can navigate to CRL url. You can get it in certificate information window in IE. Copy the CRL url and paste in IE. IE should be able to reach it.
    LVL 39

    Author Comment

    Thanks for responding visorx!   I have posted this issue in many places and gotten nothing - I really appreciate it!

    The image shows the certificate file, this seems to be the path you're referring to.   It does open a file when placed in the browser URL on my server.

    Therefore, as you suggesting the issue is something else?

    LVL 1

    Accepted Solution

    Ok this may seems little messy to me. I'll try to help but I can only guide you to possible solution.
    Actually two possibilities for this error are there: first is that the IE browser is not able to verify the certificate and another one is that the certificate itself is not valid.
    For the first problem:
    1. Verify that Internet Explorer is configured to use SSL 2.0 and SSL 3.0. (Internet tools->options->Advanced) Make sure that Use SSL 3.0 is chcked.
    2. Verify that the Microsoft Cryptographic Services service is started. Start->Run->type "net start cryptsvc" and then press ENTER.
    3. Verify that the date and time settings on your computer are correct.

    For second possibility:
    1. Make sure that Certificate expiry date is present and is valid.
    2. If the publishing CA of the CRL does not match the issuing CA for the certificate for which certificate revocation is being checked, then the certificate revocation check fails.

    Ok if all this fails then, we'll need to get more deep. If all this fails then please explain a little to me how you are expecting the authentication/verification to work.


    LVL 39

    Author Comment


    It turns out that Coldfusion 8 does not support SSL v3,  CF 9 is supposed to support it, due out next summer.

    LVL 39

    Author Closing Comment

    Thanks very much for your efforts.

    It turns out that Coldfusion 8 does not support SSL v3

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Suggested Solutions

    #SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
    Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
    Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
    This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now