Mary Jo, I'm confused.... SSL 3.0 does not necessarily need a client cert - does it? The connection would still use the public key right? Are you saying that Auth.net is requiring you to specify the client cert as a part of the handshake?
-Mark Mark A. Kruger, CFG, MCSE (402) 408-3733 ext 105 www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -----Original Message----- From: Mary Jo Sminkey [mailto:[email protected]] Sent: Tuesday, February 17, 2009 8:11 PM To: cf-talk Subject: Re: CFHTTP and SSL v3 >You should be able to bypass CFHTTP and use the java libs directly. I >took a gander at the Java samples on the auth.net site for AIM >integration and here's what I came up with. It seems to work fine on CF >7 and It handles the SSL all right and returns values. But I'm still >trying to figure out how to test and see if it's SSL 3.0 or not (I suspect not). Well, that looks promising indeed...but I'm not seeing anything in there that is providing the client certificate, which is what is necessary for SSL 3.0. In CF8, it's provided with the ClientCert and ClientCertPassword attributes of the cfhttp tag. But as for how to test and know if this is working, you've got me stumped! I see nothing in the Authorize.Net settings, or anything whatsoever in the documentation that tells where to get the certificate, how to test it, etc. --- Mary Jo Sminkey CFWebstore, ColdFusion-based Ecommerce http://www.cfwebstore.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:319494 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
