Our credit card gateway provider renewed their SSL certificate, and now our
CFHTTP call to the https:// address simply spits back a connection failure
message. I googled for this, but didn't get any useful information. We're
using mx6.1... does anyone have any ideas?
Our credit card gateway provider renewed their SSL
certificate, and now our CFHTTP call to the https:// address
simply spits back a connection failure message. I googled
for this, but didn't get any useful information. We're using
mx6.1... does anyone have any ideas?
Have you tried
Have you tried imported their new SSL certificate into the Jrun
keystore?
Nope! Never knew that was needed, nor do I know how. Got a link for me?
Thanks for the quick reply!
marc
~|
Introducing the Fusion Authority
Last time I checked (with cfmx 6.1), cfhttp over SSL required a
completely valid certificate. If there is anything wrong with the
cert, the call will fail and there is no way to recover from the error
short of using something other than cfhttp. Importing the cert into
the keystore on your server
Have you tried imported their new SSL certificate into the Jrun
keystore?
Nope! Never knew that was needed, nor do I know how. Got a
link for me?
Here is the link:
http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_19139#enableC
F
It's for LDAP but the section I linked to has
: SSL Certificate Changed, CFHTTP broken
Have you tried imported their new SSL certificate into the Jrun
keystore?
Nope! Never knew that was needed, nor do I know how. Got a
link for me?
Here is the link:
http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_191
39#enableC
This may also help:
Using Keytool to Import SSL Certificates into Sun JDK
http://www.talkingtree.com/blog/index.cfm/2004/7/1/keytool
Thanks. I do plan on trying this. But a question that's bugging the hell out
of me is... I didn't have to do this before - we just used CFHTTP with an https
Thanks. I do plan on trying this. But a question that's
bugging the hell out of me is... I didn't have to do this
before - we just used CFHTTP with an https site, and it just
worked. Why now does it not?
The keystore comes prepopulated with certificates from industry trusted
CA's
-Original Message-
From: Mike Chabot [mailto:[EMAIL PROTECTED]
Sent: Monday, September 25, 2006 10:20 AM
To: CF-Talk
Subject: Re: SSL Certificate Changed, CFHTTP broken
Last time I checked (with cfmx 6.1), cfhttp over SSL
required
certificate has been cached and maybe restarting ColdFusion might clear
that (maybe).
-Original Message-
From: Marc Funaro [mailto:[EMAIL PROTECTED]
Sent: Monday, September 25, 2006 10:50 AM
To: CF-Talk
Subject: Re: SSL Certificate Changed, CFHTTP broken
This may also help
Here is the link:
http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_19139#enableC
F
It's for LDAP but the section I linked to has the CF instructions.
I did everything here. I saved the certificates from https://ntpnow.com, using
Internet Explorer and saving as Base64Encoded.
I then
I then used the keytool and saved both the certificate and
the intermediate certificate. Bounced the CF server, still no joy.
Very frustrating, I am still at square one.
I've been round this kind of merry-go-round before...
In the past we (and when I say 'we', I really mean the
:
-Original Message-
From: Mike Chabot [mailto:[EMAIL PROTECTED]
Sent: Monday, September 25, 2006 10:20 AM
To: CF-Talk
Subject: Re: SSL Certificate Changed, CFHTTP broken
Last time I checked (with cfmx 6.1), cfhttp over SSL
required a completely valid certificate
-Original Message-
From: Jon Clausen [mailto:[EMAIL PROTECTED]
Sent: Monday, September 25, 2006 12:39 PM
To: CF-Talk
Subject: Re: SSL Certificate Changed, CFHTTP broken
Having two certs on the server sounds like it could be
the CF
- Made sure that CF was looking at that keystore (there
can be multiple
AFAK)
Any information on how I can make sure CF is looking at that keystore? When
I do keytool -list... I can see the keys I've added to the keystore. They
are there, and they do import properly. It
- Made sure that CF was looking at that keystore (there
can be multiple
AFAK)
Any information on how I can make sure CF is looking at that keystore? When
I do keytool -list... I can see the keys I've added to the keystore. They
are there, and they do import properly. It
/2SSLCerts
-Original Message-
From: Marc Funaro [mailto:[EMAIL PROTECTED]
Sent: Monday, September 25, 2006 2:50 PM
To: CF-Talk
Subject: Re: SSL Certificate Changed, CFHTTP broken
- Made sure that CF was looking at that keystore (there
can be multiple
AFAK
17 matches
Mail list logo