Re: CFLDAP socket closed error against SSL
Used LDAP Browser and it fails with the following message: CA certificate is not in the server certificate chain So I've used the keytool to import the all three: 1 - Comodo CA 2 - the intermediate/root cert of the server 3 - the cert of the server itself. Restarted and it still complains with the above message. I'm confused as to which cert/s need to be imported using the keytool. On 12/10/2013 4:37 PM, Mahcsig wrote: > you can try ldap browser, > http://www.ldapbrowser.com/download.htm?download=browser > > > ~Mahcsig > > > On Tue, Dec 10, 2013 at 4:32 PM, Dan LeGate wrote: > >> I've connected to the port using telnet and using a port scanner - both >> show the port is open. >> >> This is an LDAPS connection (port 636), so a standard web browser, or >> curl, etc., won't really work as a client, as far as I know. >> >> Dan >> >> On 12/10/2013 4:23 PM, .jonah wrote: >>> Can you connect to it via any other tools on the CF box? If you have >>> another client that might help determine whether it's a server/network >>> issue or a CF/Java issue. >>> >>> On 12/10/13 4:19 PM, Dan LeGate wrote: Okay, so I looked up how to and used the following command syntax: C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file C:\temp\certfile.cer -keystore C:\CFusion\runtime\jre\lib\security\cacerts -storepass password which imported successfully (verified with the list command). Restarted server (in case that is required). Still get socket closed. >> :-( I imported *just* the certificate from the server I'm connecting to. Do I need anything else in there? Like any of the intermediate/chain or root certs as well? Should I be importing some sort of combined certificate? Or just individually import one at a time? Any help is appreciated. Thanks, Dan On 12/10/2013 2:53 PM, Russ Michaels wrote: > Have u imported the ssl into the key store? > > Russ Michaels > www.michaels.me.uk > cfmldeveloper.com > cflive.net > cfsearch.com > On 10 Dec 2013 20:52, "Dan LeGate"wrote: > >> I take it back... exact same code EXCEPT my code in outside the Custom >> Tag folder had excluded the PORT attribute, so I assume it was going >> to >> the non-SSL port and working fine. >> >> Once I added port = "636" to that code, exact same response: socket >> closed >> Again, the LDAPS (636) port is open to the ColdFusion server. >> >> I'm thinking it's an SSL issue. What steps need to be taken to ensure >> LDAPS communication works? >> >> Thanks! >> >> Dan >> >> On 12/10/2013 12:36 PM, Dan LeGate wrote: >>> Here's the weirdness I'm experiencing... >>> >>> I have a Custom Tag we've been using for years that is called from >> most >>> of our applications and authenticates them to a Sun LDAP server. >>> >>> We are moving to an Active Directory service, and when I attempt to >> do a >>> bind against the new system, I get: >>> >>> An error has occurred while trying to execute query : >> servername.com:636; >>> socket closed. >>> >>> However, if I run that SAME cfldap command in a .cfm file out in a >>> regular web folder (i.e. not as a Custom Tag under the ColdFusion >>> directory), it works fine! >>> >>> I have restarted the server to make sure any old Custom Tag code >> isn't >>> somehow cached. I have verified the SSL (636) port is open to the CF >>> server. >>> >>> Any ideas on this one? Very confused by this. >>> >>> Thanks for any feedback! >>> >>> Dan >>> >>> >> > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357343 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
> That's only necessary if the certificate from the LDAP server isn't > signed by a known CA. (e.g. it's self-signed.) ... or signed by a root CA that's not in the keystore - this happens fairly commonly in my experience. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357342 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
you can try ldap browser, http://www.ldapbrowser.com/download.htm?download=browser ~Mahcsig On Tue, Dec 10, 2013 at 4:32 PM, Dan LeGate wrote: > > I've connected to the port using telnet and using a port scanner - both > show the port is open. > > This is an LDAPS connection (port 636), so a standard web browser, or > curl, etc., won't really work as a client, as far as I know. > > Dan > > On 12/10/2013 4:23 PM, .jonah wrote: > > Can you connect to it via any other tools on the CF box? If you have > > another client that might help determine whether it's a server/network > > issue or a CF/Java issue. > > > > On 12/10/13 4:19 PM, Dan LeGate wrote: > >> Okay, so I looked up how to and used the following command syntax: > >> > >> C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file > >> C:\temp\certfile.cer -keystore > >> C:\CFusion\runtime\jre\lib\security\cacerts -storepass password > >> > >> which imported successfully (verified with the list command). > >> > >> Restarted server (in case that is required). Still get socket closed. > :-( > >> > >> I imported *just* the certificate from the server I'm connecting to. Do > >> I need anything else in there? Like any of the intermediate/chain or > >> root certs as well? > >> > >> Should I be importing some sort of combined certificate? Or just > >> individually import one at a time? > >> > >> Any help is appreciated. > >> > >> Thanks, > >> > >> Dan > >> > >> On 12/10/2013 2:53 PM, Russ Michaels wrote: > >>> Have u imported the ssl into the key store? > >>> > >>> Russ Michaels > >>> www.michaels.me.uk > >>> cfmldeveloper.com > >>> cflive.net > >>> cfsearch.com > >>> On 10 Dec 2013 20:52, "Dan LeGate" wrote: > >>> > I take it back... exact same code EXCEPT my code in outside the Custom > Tag folder had excluded the PORT attribute, so I assume it was going > to > the non-SSL port and working fine. > > Once I added port = "636" to that code, exact same response: socket > closed > > Again, the LDAPS (636) port is open to the ColdFusion server. > > I'm thinking it's an SSL issue. What steps need to be taken to ensure > LDAPS communication works? > > Thanks! > > Dan > > On 12/10/2013 12:36 PM, Dan LeGate wrote: > > Here's the weirdness I'm experiencing... > > > > I have a Custom Tag we've been using for years that is called from > most > > of our applications and authenticates them to a Sun LDAP server. > > > > We are moving to an Active Directory service, and when I attempt to > do a > > bind against the new system, I get: > > > > An error has occurred while trying to execute query : > servername.com:636; > > socket closed. > > > > However, if I run that SAME cfldap command in a .cfm file out in a > > regular web folder (i.e. not as a Custom Tag under the ColdFusion > > directory), it works fine! > > > > I have restarted the server to make sure any old Custom Tag code > isn't > > somehow cached. I have verified the SSL (636) port is open to the CF > > server. > > > > Any ideas on this one? Very confused by this. > > > > Thanks for any feedback! > > > > Dan > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357341 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
I've connected to the port using telnet and using a port scanner - both show the port is open. This is an LDAPS connection (port 636), so a standard web browser, or curl, etc., won't really work as a client, as far as I know. Dan On 12/10/2013 4:23 PM, .jonah wrote: > Can you connect to it via any other tools on the CF box? If you have > another client that might help determine whether it's a server/network > issue or a CF/Java issue. > > On 12/10/13 4:19 PM, Dan LeGate wrote: >> Okay, so I looked up how to and used the following command syntax: >> >> C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file >> C:\temp\certfile.cer -keystore >> C:\CFusion\runtime\jre\lib\security\cacerts -storepass password >> >> which imported successfully (verified with the list command). >> >> Restarted server (in case that is required). Still get socket closed. :-( >> >> I imported *just* the certificate from the server I'm connecting to. Do >> I need anything else in there? Like any of the intermediate/chain or >> root certs as well? >> >> Should I be importing some sort of combined certificate? Or just >> individually import one at a time? >> >> Any help is appreciated. >> >> Thanks, >> >> Dan >> >> On 12/10/2013 2:53 PM, Russ Michaels wrote: >>> Have u imported the ssl into the key store? >>> >>> Russ Michaels >>> www.michaels.me.uk >>> cfmldeveloper.com >>> cflive.net >>> cfsearch.com >>> On 10 Dec 2013 20:52, "Dan LeGate" wrote: >>> I take it back... exact same code EXCEPT my code in outside the Custom Tag folder had excluded the PORT attribute, so I assume it was going to the non-SSL port and working fine. Once I added port = "636" to that code, exact same response: socket closed Again, the LDAPS (636) port is open to the ColdFusion server. I'm thinking it's an SSL issue. What steps need to be taken to ensure LDAPS communication works? Thanks! Dan On 12/10/2013 12:36 PM, Dan LeGate wrote: > Here's the weirdness I'm experiencing... > > I have a Custom Tag we've been using for years that is called from most > of our applications and authenticates them to a Sun LDAP server. > > We are moving to an Active Directory service, and when I attempt to do a > bind against the new system, I get: > > An error has occurred while trying to execute query :servername.com:636; > socket closed. > > However, if I run that SAME cfldap command in a .cfm file out in a > regular web folder (i.e. not as a Custom Tag under the ColdFusion > directory), it works fine! > > I have restarted the server to make sure any old Custom Tag code isn't > somehow cached. I have verified the SSL (636) port is open to the CF > server. > > Any ideas on this one? Very confused by this. > > Thanks for any feedback! > > Dan > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357340 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
Can you connect to it via any other tools on the CF box? If you have another client that might help determine whether it's a server/network issue or a CF/Java issue. On 12/10/13 4:19 PM, Dan LeGate wrote: > Okay, so I looked up how to and used the following command syntax: > > C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file > C:\temp\certfile.cer -keystore > C:\CFusion\runtime\jre\lib\security\cacerts -storepass password > > which imported successfully (verified with the list command). > > Restarted server (in case that is required). Still get socket closed. :-( > > I imported *just* the certificate from the server I'm connecting to. Do > I need anything else in there? Like any of the intermediate/chain or > root certs as well? > > Should I be importing some sort of combined certificate? Or just > individually import one at a time? > > Any help is appreciated. > > Thanks, > > Dan > > On 12/10/2013 2:53 PM, Russ Michaels wrote: >> Have u imported the ssl into the key store? >> >> Russ Michaels >> www.michaels.me.uk >> cfmldeveloper.com >> cflive.net >> cfsearch.com >> On 10 Dec 2013 20:52, "Dan LeGate" wrote: >> >>> I take it back... exact same code EXCEPT my code in outside the Custom >>> Tag folder had excluded the PORT attribute, so I assume it was going to >>> the non-SSL port and working fine. >>> >>> Once I added port = "636" to that code, exact same response: socket closed >>> >>> Again, the LDAPS (636) port is open to the ColdFusion server. >>> >>> I'm thinking it's an SSL issue. What steps need to be taken to ensure >>> LDAPS communication works? >>> >>> Thanks! >>> >>> Dan >>> >>> On 12/10/2013 12:36 PM, Dan LeGate wrote: Here's the weirdness I'm experiencing... I have a Custom Tag we've been using for years that is called from most of our applications and authenticates them to a Sun LDAP server. We are moving to an Active Directory service, and when I attempt to do a bind against the new system, I get: An error has occurred while trying to execute query :servername.com:636; socket closed. However, if I run that SAME cfldap command in a .cfm file out in a regular web folder (i.e. not as a Custom Tag under the ColdFusion directory), it works fine! I have restarted the server to make sure any old Custom Tag code isn't somehow cached. I have verified the SSL (636) port is open to the CF server. Any ideas on this one? Very confused by this. Thanks for any feedback! Dan > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357339 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
Okay, so I looked up how to and used the following command syntax: C:\CFusion\runtime\jre\bin\keytool.exe -import -v -alias aliasname -file C:\temp\certfile.cer -keystore C:\CFusion\runtime\jre\lib\security\cacerts -storepass password which imported successfully (verified with the list command). Restarted server (in case that is required). Still get socket closed. :-( I imported *just* the certificate from the server I'm connecting to. Do I need anything else in there? Like any of the intermediate/chain or root certs as well? Should I be importing some sort of combined certificate? Or just individually import one at a time? Any help is appreciated. Thanks, Dan On 12/10/2013 2:53 PM, Russ Michaels wrote: > Have u imported the ssl into the key store? > > Russ Michaels > www.michaels.me.uk > cfmldeveloper.com > cflive.net > cfsearch.com > On 10 Dec 2013 20:52, "Dan LeGate" wrote: > >> I take it back... exact same code EXCEPT my code in outside the Custom >> Tag folder had excluded the PORT attribute, so I assume it was going to >> the non-SSL port and working fine. >> >> Once I added port = "636" to that code, exact same response: socket closed >> >> Again, the LDAPS (636) port is open to the ColdFusion server. >> >> I'm thinking it's an SSL issue. What steps need to be taken to ensure >> LDAPS communication works? >> >> Thanks! >> >> Dan >> >> On 12/10/2013 12:36 PM, Dan LeGate wrote: >>> Here's the weirdness I'm experiencing... >>> >>> I have a Custom Tag we've been using for years that is called from most >>> of our applications and authenticates them to a Sun LDAP server. >>> >>> We are moving to an Active Directory service, and when I attempt to do a >>> bind against the new system, I get: >>> >>> An error has occurred while trying to execute query :servername.com:636; >>> socket closed. >>> >>> However, if I run that SAME cfldap command in a .cfm file out in a >>> regular web folder (i.e. not as a Custom Tag under the ColdFusion >>> directory), it works fine! >>> >>> I have restarted the server to make sure any old Custom Tag code isn't >>> somehow cached. I have verified the SSL (636) port is open to the CF >>> server. >>> >>> Any ideas on this one? Very confused by this. >>> >>> Thanks for any feedback! >>> >>> Dan >>> >>> >> > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357338 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
Nice! On 12/10/13 4:18 PM, Russ Michaels wrote: > easiest solution is to use this > http://certman.riaforge.org/ > > > > On Tue, Dec 10, 2013 at 11:31 PM, Dan LeGate wrote: > >> No. How do we do that? >> >> Is it the individual server certificate(s) that we connect to that are >> put into the key store? >> >> Or a Certificate Authority certificate we need? >> >> Where is the key store on the CF Server and how do we manipulate it? >> >> Thanks, >> >> Dan >> >> On 12/10/2013 2:53 PM, Russ Michaels wrote: >>> Have u imported the ssl into the key store? >>> >>> Russ Michaels >>> www.michaels.me.uk >>> cfmldeveloper.com >>> cflive.net >>> cfsearch.com >>> On 10 Dec 2013 20:52, "Dan LeGate" wrote: >>> I take it back... exact same code EXCEPT my code in outside the Custom Tag folder had excluded the PORT attribute, so I assume it was going to the non-SSL port and working fine. Once I added port = "636" to that code, exact same response: socket >> closed Again, the LDAPS (636) port is open to the ColdFusion server. I'm thinking it's an SSL issue. What steps need to be taken to ensure LDAPS communication works? Thanks! Dan On 12/10/2013 12:36 PM, Dan LeGate wrote: > Here's the weirdness I'm experiencing... > > I have a Custom Tag we've been using for years that is called from most > of our applications and authenticates them to a Sun LDAP server. > > We are moving to an Active Directory service, and when I attempt to do >> a > bind against the new system, I get: > > An error has occurred while trying to execute query : >> servername.com:636; > socket closed. > > However, if I run that SAME cfldap command in a .cfm file out in a > regular web folder (i.e. not as a Custom Tag under the ColdFusion > directory), it works fine! > > I have restarted the server to make sure any old Custom Tag code isn't > somehow cached. I have verified the SSL (636) port is open to the CF > server. > > Any ideas on this one? Very confused by this. > > Thanks for any feedback! > > Dan > > >> > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357337 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
That's only necessary if the certificate from the LDAP server isn't signed by a known CA. (e.g. it's self-signed.) If it is, you need to import the LDAP server's public key into your CF server's java keystore. I wrote up a doc on how to do it a while back: https://docs.google.com/document/d/12Ef1SwddMh0oO11TS3lt5E8VGiVCsdI8WmYn8qQLW4c/edit?usp=sharing On 12/10/13 3:31 PM, Dan LeGate wrote: > No. How do we do that? > > Is it the individual server certificate(s) that we connect to that are > put into the key store? > > Or a Certificate Authority certificate we need? > > Where is the key store on the CF Server and how do we manipulate it? > > Thanks, > > Dan > > On 12/10/2013 2:53 PM, Russ Michaels wrote: >> Have u imported the ssl into the key store? >> >> Russ Michaels >> www.michaels.me.uk >> cfmldeveloper.com >> cflive.net >> cfsearch.com >> On 10 Dec 2013 20:52, "Dan LeGate" wrote: >> >>> I take it back... exact same code EXCEPT my code in outside the Custom >>> Tag folder had excluded the PORT attribute, so I assume it was going to >>> the non-SSL port and working fine. >>> >>> Once I added port = "636" to that code, exact same response: socket closed >>> >>> Again, the LDAPS (636) port is open to the ColdFusion server. >>> >>> I'm thinking it's an SSL issue. What steps need to be taken to ensure >>> LDAPS communication works? >>> >>> Thanks! >>> >>> Dan >>> >>> On 12/10/2013 12:36 PM, Dan LeGate wrote: Here's the weirdness I'm experiencing... I have a Custom Tag we've been using for years that is called from most of our applications and authenticates them to a Sun LDAP server. We are moving to an Active Directory service, and when I attempt to do a bind against the new system, I get: An error has occurred while trying to execute query :servername.com:636; socket closed. However, if I run that SAME cfldap command in a .cfm file out in a regular web folder (i.e. not as a Custom Tag under the ColdFusion directory), it works fine! I have restarted the server to make sure any old Custom Tag code isn't somehow cached. I have verified the SSL (636) port is open to the CF server. Any ideas on this one? Very confused by this. Thanks for any feedback! Dan > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357336 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
easiest solution is to use this http://certman.riaforge.org/ On Tue, Dec 10, 2013 at 11:31 PM, Dan LeGate wrote: > > No. How do we do that? > > Is it the individual server certificate(s) that we connect to that are > put into the key store? > > Or a Certificate Authority certificate we need? > > Where is the key store on the CF Server and how do we manipulate it? > > Thanks, > > Dan > > On 12/10/2013 2:53 PM, Russ Michaels wrote: > > Have u imported the ssl into the key store? > > > > Russ Michaels > > www.michaels.me.uk > > cfmldeveloper.com > > cflive.net > > cfsearch.com > > On 10 Dec 2013 20:52, "Dan LeGate" wrote: > > > >> I take it back... exact same code EXCEPT my code in outside the Custom > >> Tag folder had excluded the PORT attribute, so I assume it was going to > >> the non-SSL port and working fine. > >> > >> Once I added port = "636" to that code, exact same response: socket > closed > >> > >> Again, the LDAPS (636) port is open to the ColdFusion server. > >> > >> I'm thinking it's an SSL issue. What steps need to be taken to ensure > >> LDAPS communication works? > >> > >> Thanks! > >> > >> Dan > >> > >> On 12/10/2013 12:36 PM, Dan LeGate wrote: > >>> Here's the weirdness I'm experiencing... > >>> > >>> I have a Custom Tag we've been using for years that is called from most > >>> of our applications and authenticates them to a Sun LDAP server. > >>> > >>> We are moving to an Active Directory service, and when I attempt to do > a > >>> bind against the new system, I get: > >>> > >>> An error has occurred while trying to execute query : > servername.com:636; > >>> socket closed. > >>> > >>> However, if I run that SAME cfldap command in a .cfm file out in a > >>> regular web folder (i.e. not as a Custom Tag under the ColdFusion > >>> directory), it works fine! > >>> > >>> I have restarted the server to make sure any old Custom Tag code isn't > >>> somehow cached. I have verified the SSL (636) port is open to the CF > >>> server. > >>> > >>> Any ideas on this one? Very confused by this. > >>> > >>> Thanks for any feedback! > >>> > >>> Dan > >>> > >>> > >> > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357335 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
No. How do we do that? Is it the individual server certificate(s) that we connect to that are put into the key store? Or a Certificate Authority certificate we need? Where is the key store on the CF Server and how do we manipulate it? Thanks, Dan On 12/10/2013 2:53 PM, Russ Michaels wrote: > Have u imported the ssl into the key store? > > Russ Michaels > www.michaels.me.uk > cfmldeveloper.com > cflive.net > cfsearch.com > On 10 Dec 2013 20:52, "Dan LeGate" wrote: > >> I take it back... exact same code EXCEPT my code in outside the Custom >> Tag folder had excluded the PORT attribute, so I assume it was going to >> the non-SSL port and working fine. >> >> Once I added port = "636" to that code, exact same response: socket closed >> >> Again, the LDAPS (636) port is open to the ColdFusion server. >> >> I'm thinking it's an SSL issue. What steps need to be taken to ensure >> LDAPS communication works? >> >> Thanks! >> >> Dan >> >> On 12/10/2013 12:36 PM, Dan LeGate wrote: >>> Here's the weirdness I'm experiencing... >>> >>> I have a Custom Tag we've been using for years that is called from most >>> of our applications and authenticates them to a Sun LDAP server. >>> >>> We are moving to an Active Directory service, and when I attempt to do a >>> bind against the new system, I get: >>> >>> An error has occurred while trying to execute query :servername.com:636; >>> socket closed. >>> >>> However, if I run that SAME cfldap command in a .cfm file out in a >>> regular web folder (i.e. not as a Custom Tag under the ColdFusion >>> directory), it works fine! >>> >>> I have restarted the server to make sure any old Custom Tag code isn't >>> somehow cached. I have verified the SSL (636) port is open to the CF >>> server. >>> >>> Any ideas on this one? Very confused by this. >>> >>> Thanks for any feedback! >>> >>> Dan >>> >>> >> > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357334 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
Have u imported the ssl into the key store? Russ Michaels www.michaels.me.uk cfmldeveloper.com cflive.net cfsearch.com On 10 Dec 2013 20:52, "Dan LeGate" wrote: > > I take it back... exact same code EXCEPT my code in outside the Custom > Tag folder had excluded the PORT attribute, so I assume it was going to > the non-SSL port and working fine. > > Once I added port = "636" to that code, exact same response: socket closed > > Again, the LDAPS (636) port is open to the ColdFusion server. > > I'm thinking it's an SSL issue. What steps need to be taken to ensure > LDAPS communication works? > > Thanks! > > Dan > > On 12/10/2013 12:36 PM, Dan LeGate wrote: > > Here's the weirdness I'm experiencing... > > > > I have a Custom Tag we've been using for years that is called from most > > of our applications and authenticates them to a Sun LDAP server. > > > > We are moving to an Active Directory service, and when I attempt to do a > > bind against the new system, I get: > > > > An error has occurred while trying to execute query :servername.com:636; > > socket closed. > > > > However, if I run that SAME cfldap command in a .cfm file out in a > > regular web folder (i.e. not as a Custom Tag under the ColdFusion > > directory), it works fine! > > > > I have restarted the server to make sure any old Custom Tag code isn't > > somehow cached. I have verified the SSL (636) port is open to the CF > > server. > > > > Any ideas on this one? Very confused by this. > > > > Thanks for any feedback! > > > > Dan > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357333 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: CFLDAP socket closed error against SSL
What if you wrote it as a function and put it in a CFC? Robert Harrison Director of Interactive Services Austin & Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_williams -Original Message- From: Dan LeGate [mailto:d...@legeek.com] Sent: Tuesday, December 10, 2013 3:50 PM To: cf-talk Subject: Re: CFLDAP socket closed error against SSL I take it back... exact same code EXCEPT my code in outside the Custom Tag folder had excluded the PORT attribute, so I assume it was going to the non-SSL port and working fine. Once I added port = "636" to that code, exact same response: socket closed Again, the LDAPS (636) port is open to the ColdFusion server. I'm thinking it's an SSL issue. What steps need to be taken to ensure LDAPS communication works? Thanks! Dan On 12/10/2013 12:36 PM, Dan LeGate wrote: > Here's the weirdness I'm experiencing... > > I have a Custom Tag we've been using for years that is called from > most of our applications and authenticates them to a Sun LDAP server. > > We are moving to an Active Directory service, and when I attempt to do > a bind against the new system, I get: > > An error has occurred while trying to execute query > :servername.com:636; socket closed. > > However, if I run that SAME cfldap command in a .cfm file out in a > regular web folder (i.e. not as a Custom Tag under the ColdFusion > directory), it works fine! > > I have restarted the server to make sure any old Custom Tag code isn't > somehow cached. I have verified the SSL (636) port is open to the CF > server. > > Any ideas on this one? Very confused by this. > > Thanks for any feedback! > > Dan > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357332 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: CFLDAP socket closed error against SSL
I take it back... exact same code EXCEPT my code in outside the Custom Tag folder had excluded the PORT attribute, so I assume it was going to the non-SSL port and working fine. Once I added port = "636" to that code, exact same response: socket closed Again, the LDAPS (636) port is open to the ColdFusion server. I'm thinking it's an SSL issue. What steps need to be taken to ensure LDAPS communication works? Thanks! Dan On 12/10/2013 12:36 PM, Dan LeGate wrote: > Here's the weirdness I'm experiencing... > > I have a Custom Tag we've been using for years that is called from most > of our applications and authenticates them to a Sun LDAP server. > > We are moving to an Active Directory service, and when I attempt to do a > bind against the new system, I get: > > An error has occurred while trying to execute query :servername.com:636; > socket closed. > > However, if I run that SAME cfldap command in a .cfm file out in a > regular web folder (i.e. not as a Custom Tag under the ColdFusion > directory), it works fine! > > I have restarted the server to make sure any old Custom Tag code isn't > somehow cached. I have verified the SSL (636) port is open to the CF > server. > > Any ideas on this one? Very confused by this. > > Thanks for any feedback! > > Dan > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357331 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
CFLDAP socket closed error against SSL
Here's the weirdness I'm experiencing... I have a Custom Tag we've been using for years that is called from most of our applications and authenticates them to a Sun LDAP server. We are moving to an Active Directory service, and when I attempt to do a bind against the new system, I get: An error has occurred while trying to execute query :servername.com:636; socket closed. However, if I run that SAME cfldap command in a .cfm file out in a regular web folder (i.e. not as a Custom Tag under the ColdFusion directory), it works fine! I have restarted the server to make sure any old Custom Tag code isn't somehow cached. I have verified the SSL (636) port is open to the CF server. Any ideas on this one? Very confused by this. Thanks for any feedback! Dan ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357330 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: valid ColdFusion MX 7 download-link
Uwe, check your e-mail :) Philipp Am 10.12.2013 um 16:42 schrieb Uwe Degenhardt : > > Hi Matt, thanks. > I am aware of this. > > To use Railo would be the next option, in case I don't get > the old CF 7 up and running on the new VM. ;-) > I have sent Adobe an eMail out too, I hope I can get a download-link. :-) > Uwe > > > >> I'd be very surprised if you found an active download link for CF7. Most >> likely the only way that's going to happen is if someone has the installer >> file laying around somewhere and puts it on their server for you. > >> CF7 is 4 major versions old now, and has not been supported for years now. >> If you don't want to pay for a new license (totally understandable), I >> would recommend looking at Railo instead. Not only is Railo free, it is >> infinitely better than CF7 - not to mention more secure and actively >> supported. > >> http://www.getrailo.org/index.cfm/download/ > >> HTH >> On Dec 10, 2013 7:58 AM, "Uwe Degenhardt" wrote: > >>> >>> Hi list, >>> does anybody have a valid >>> ColdFusion MX 7 download-link for me ? >>> Thanks ! >>> Uwe >>> >>> >>> >>> > >> > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357329 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: valid ColdFusion MX 7 download-link
Hi Matt, thanks. I am aware of this. To use Railo would be the next option, in case I don't get the old CF 7 up and running on the new VM. ;-) I have sent Adobe an eMail out too, I hope I can get a download-link. :-) Uwe > I'd be very surprised if you found an active download link for CF7. Most > likely the only way that's going to happen is if someone has the installer > file laying around somewhere and puts it on their server for you. > CF7 is 4 major versions old now, and has not been supported for years now. > If you don't want to pay for a new license (totally understandable), I > would recommend looking at Railo instead. Not only is Railo free, it is > infinitely better than CF7 - not to mention more secure and actively > supported. > http://www.getrailo.org/index.cfm/download/ > HTH > On Dec 10, 2013 7:58 AM, "Uwe Degenhardt" wrote: >> >> Hi list, >> does anybody have a valid >> ColdFusion MX 7 download-link for me ? >> Thanks ! >> Uwe >> >> >> >> > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357328 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: valid ColdFusion MX 7 download-link
I'd be very surprised if you found an active download link for CF7. Most likely the only way that's going to happen is if someone has the installer file laying around somewhere and puts it on their server for you. CF7 is 4 major versions old now, and has not been supported for years now. If you don't want to pay for a new license (totally understandable), I would recommend looking at Railo instead. Not only is Railo free, it is infinitely better than CF7 - not to mention more secure and actively supported. http://www.getrailo.org/index.cfm/download/ HTH On Dec 10, 2013 7:58 AM, "Uwe Degenhardt" wrote: > > Hi list, > does anybody have a valid > ColdFusion MX 7 download-link for me ? > Thanks ! > Uwe > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357327 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
valid ColdFusion MX 7 download-link
Hi list, does anybody have a valid ColdFusion MX 7 download-link for me ? Thanks ! Uwe ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357326 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm