Mary Jo, Hmmm... You know the more I think of it the more I believe you should only be concerned about CF 5. SSL 3.0 came out in 1996 and I think it's the version that supports "chaining" certificates. I have certainly dealt with cert chain issues in both CF 6 and CF 7 - so I'm of a mind to believe those must be SSL 3.0 compliant. Also, I think that 3.0 can respond to 2.0 requests... It's really about dictating the encryption standard that's used. But perhaps Dave or someone can shed a bit more light on it.
-Mark Mark A. Kruger, CFG, MCSE (402) 408-3733 ext 105 www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -----Original Message----- From: Mary Jo Sminkey [mailto:mary...@cfwebstore.com] Sent: Thursday, February 19, 2009 10:54 AM To: cf-talk Subject: Re: CFHTTP and SSL v3 >I think it would be the underlying protocol of Java not the web server >- right? That would have been my assumption as well, the support from AuthNet seemed to think otherwise, but I certainly don't trust their knowledge of CF and its inner workings. Which still brings me back to trying to determine exactly *which* versions of CF do support SSL v3.0 by default. Like you, I'm hoping they get the test server ready sooner rather than later so we can run some tests with different versions and see what works and what doesn't and go from there. --- Mary Jo Sminkey CFWebstore, ColdFusion-based Ecommerce http://www.cfwebstore.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:319531 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4