Yeah I agree the default CF9 jvm should be a-o-k. But ya never know. I guess you're back to the challenge of importing it correctly. Or there's some other issue going on.
Sent from my iPhone On 05/08/2010, at 11:21 PM, Gavin Beau Baumanis <b...@palcare.com.au> wrote: > I don't get a cert warning in the browser because I have "that" cert and > only that cert installed in the browser already. > > Our staging sites have all been confired to allow the same developer's client > cert - thus one cert for all staging sites. > > Thus only have one cert installed means you don't even get the prompt for the > cert it's just automatically applied by firefox - after the first run of > course... > > Well - at least that's what I am putting it (the working in the browser) down > to anyway. > > As for the JVM that we're using - to be honest - I wouldn't have a clue... > but since we're running CF9 - would it not be using whatever CF9 gets > bundled with? > > > Gavin. > > > > On 05/08/2010, at 10:38 PM, MrBuzzy wrote: > >> What I find interesting is your browser does not give any certificate >> warnings when viewing the wsdl over https. That usually means you wont need >> to import the certificate or issuing authority in to the JVM. >> >> Is it possible you are using any early-ish JVM, like version 1.4.2? >> If you can, upgrade the CF JVM to the latest 1.6.x. verslon. You will need >> to modify jvm.config once you have installed the new JVM and give CF a >> restart. >> >> On 5 August 2010 20:29, Gavin Beau Baumanis <b...@palcare.com.au> wrote: >> >> On 05/08/2010, at 7:26 PM, MrBuzzy wrote: >> >> > Annoying isn't it :) >> > >> Yup sure is. >> >> >> > When you view the https wsdl in a browser what warnings (if any) do you >> > get? >> > >> None. >> >> The WSDL looks identical to that produced when using a non-https URL. >> Apart from the namespace addresses etc being different because of the >> different URL >> >> >> >> > Also if you're going commando (command line hehe) just check that you are >> > working on the same jvm or jdk that is specified in ColdFusion's >> > jvm.config file. >> > >> Ahh righteo.... >> I didn't consider that.... but thanks. >> >> It still doesn't work though.... bummer.... >> >> Anyone got anything further I could try? >> Or is it simply a fact that importing the server cert into the java keystore >> - should see it working? >> And if that is the case - does the alias used when importing the cert, >> matter any? >> >> Thanks again.... >> >> >> >> > Sent from my iPhone >> > >> > On 05/08/2010, at 4:50 PM, Gavin Baumanis <beauecli...@gmail.com> wrote: >> > >> >> Hi Everyone, >> >> >> >> I have been trying to get this to work for the past few days and have >> >> finally decided I should ask for some help. >> >> I have a service that runs on a server using the https protocol. >> >> >> >> Sunsequently - when I try to use that service I get the folling error; >> >> Unable to read WSDL from URL: blah/blah.cfc?wsdl. Error: >> >> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated. >> >> >> >> All the items I read seemed to say that all I needed to do was to add >> >> the certificate to java keystore. >> >> Which have done using this; >> >> http://certman.riaforge.org/ >> >> >> >> I even tried using the command line - just in case there was some >> >> "odd" issue with the Certificate Manager extension to CF Admin. >> >> >> >> But still no dice. >> >> >> >> I have added the server cert and also tried by adding in the client >> >> cert too - but I still receive that error. >> >> Interestingly enough - I can successfully see the WSDL via the browser >> >> and https. >> >> >> >> If I place the code on a non-ssl connection - everything works as >> >> expected - so I know that my CFCs/code etc is working correctly. >> >> >> >> If anyone has any ideas - I would be most appreciative. >> >> >> >> >> >> Gavin. >> >> >> >> -- >> >> You received this message because you are subscribed to the Google Groups >> >> "cfaussie" group. >> >> To post to this group, send email to cfaus...@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> cfaussie+unsubscr...@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/cfaussie?hl=en. >> >> >> > >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "cfaussie" group. >> > To post to this group, send email to cfaus...@googlegroups.com. >> > To unsubscribe from this group, send email to >> > cfaussie+unsubscr...@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/cfaussie?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "cfaussie" group. >> To post to this group, send email to cfaus...@googlegroups.com. >> To unsubscribe from this group, send email to >> cfaussie+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/cfaussie?hl=en. >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "cfaussie" group. >> To post to this group, send email to cfaus...@googlegroups.com. >> To unsubscribe from this group, send email to >> cfaussie+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/cfaussie?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To post to this group, send email to cfaus...@googlegroups.com. > To unsubscribe from this group, send email to > cfaussie+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/cfaussie?hl=en. -- You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaus...@googlegroups.com. To unsubscribe from this group, send email to cfaussie+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en.