• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1362
  • Last Modified:

cfhttp equivalent of -insecure or -k in cUrl to ignore a less than adequate CA cert on a https site

So I'm posting to an https site in coldfusion cfhttp and am getting failures.  Upon closer look using cURL it seems the site has a less than adequate CA cert.  See below for response back from cURL.

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify faile
d
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.


Now if using the -insecure or -k option in cURL it basically ignores this issue with the site cert and goes about its business.  Essentially in all browsers it ignores this, but just lets you know about it and goes about its business.

Coldfusion however, will just straight out fail.  Anyway around this?  is there a -insecure or -k like option in coldfusion that will allow me to ignore this?
0
Matt Grofsky
Asked:
Matt Grofsky
  • 2
1 Solution
 
Hammo777Commented:

I believe this is an option in the CFX_HTTP5 tag that you can buy for $50.  You can also download an evaluation version and try it:

http://www.cftagstore.com/tags/cfxhttp5.cfm
0
 
Matt GrofskyAuthor Commented:
ya, I have read up on that.  Really looking for something built into coldfusion without buying anything external to it.  Otherwise I would just use cURL
0
 
Matt GrofskyAuthor Commented:
that indeed was my only option
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now