webservice over HTTPS with self-signed cert in ColdFusion? | ansaurus

tags:

views:

43

answers:

1

+1 Q:

webservice over HTTPS with self-signed cert in ColdFusion?

How to enable webservice call over HTTPS with self-signed cert in ColdFusion 9?

According to the doc, <cfhttp> should work, but how about <cfinvoke>?

If I use cfhttp, do I still need to install the cert as outlined here? http://kb2.adobe.com/cps/400/kb400977.html

I tried simply using https in cfinvoke, I got SSLPeerUnverifiedException: peer not authenticated exception.

Thanks

+2 A:

If I use cfhttp, do I still need to install the cert as outlined here? http://kb2.adobe.com/cps/400/kb400977.html

Yes.

For secure connections to remote servers over SSL, all current versions of ColdFusion require the remote system's SSL certificate to exist in ColdFusion's certificate truststore.

That would include both cfhttp and cfinvoke.

Simply put, there is no way around importing the certificate into the truststore when it is self-signed.

Adam Tuttle 2010-09-25 02:00:26

thx, but got a question, when to use cfhttp's clientCert * clientCertPassword then? Is it different from SSL cert?

Henry 2010-09-25 02:17:35

Henry, SSL can work both ways. One of the purposes of SSL is to verify the identity of the server (which is why using a self signed cert is considered a bad practice, because anyone can make one). Well, it works the other way too. The server can require the client to provide a certificate to verify its identity. That way the server can know that it is talking to an authorized party. That is when you would use the client cert attributes in cfhttp.

Jason Dean 2010-09-25 03:54:29

@Jason, thanks! Are there any tutorial on how to set up client cert?

Henry 2010-09-25 06:34:56

related questions

Restarting ColdFusion mail queue

ColdFusion mail queue stops processing

in ColdFusion 8, can you declare a function as private using cfscript?

ColdFusion Template Request count optimization

How do I speed up data retrieval from .NET AD within ColdFusion

How to call a function dynamically that is part of an instantiated cfc, without using Evaluate()?

Using Google Maps in Coldfusion

We're manually mapping our internal data elements to external vendors' xml schema. there's gotta be a better way...

How do I turn a ColdFusion page into a PDF download?

Importing Access data into SQL Server using ColdFusion

jquery: JFrame plugin fails in IE 7

How do I programatically sanitise coldfusion cfquery parameters.

ColdFusion: Is it safe to leave out the variables keyword in a CFC?

How should you go about learning ASP.NET after life as a ColdFusion developer?

BOM not expected in CF but sent by IIS/SP

cfqueryparam with like operator in coldfusion

Is it possible to find code coverage in ColdFusion?

How can you test to see if two arrays are the same using CFML?

Why is my PDF footer text invisible?

Coldfusion - When to use the "request" scope?

How do I convert images between CMYK and RGB in ColdFusion (java)?

How do I use NTLM authentication with Active Directory

Dynamic Alphabetical Navigation

Wrapping lists into columns

How to get started "writing" a code coverage tool?