?
Solved

cfhttp equivalent of -insecure or -k in cUrl to ignore a less than adequate CA cert on a https site

Posted on 2011-02-24
3
Medium Priority
?
1,227 Views
Last Modified: 2012-08-13
So I'm posting to an https site in coldfusion cfhttp and am getting failures.  Upon closer look using cURL it seems the site has a less than adequate CA cert.  See below for response back from cURL.

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify faile
d
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.


Now if using the -insecure or -k option in cURL it basically ignores this issue with the site cert and goes about its business.  Essentially in all browsers it ignores this, but just lets you know about it and goes about its business.

Coldfusion however, will just straight out fail.  Anyway around this?  is there a -insecure or -k like option in coldfusion that will allow me to ignore this?
0
Comment
Question by:Matt Grofsky
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Accepted Solution

by:
Hammo777 earned 2000 total points
ID: 34980814

I believe this is an option in the CFX_HTTP5 tag that you can buy for $50.  You can also download an evaluation version and try it:

http://www.cftagstore.com/tags/cfxhttp5.cfm
0
 
LVL 2

Author Comment

by:Matt Grofsky
ID: 34980909
ya, I have read up on that.  Really looking for something built into coldfusion without buying anything external to it.  Otherwise I would just use cURL
0
 
LVL 2

Author Closing Comment

by:Matt Grofsky
ID: 36257763
that indeed was my only option
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question