-
1. Re: HTTPS Webservices
Owain North Jan 28, 2011 5:41 AM (in response to dujsu)1 person found this helpfulIf you're getting actual connection issues then it doesn't matter whether it's SSL or not, it's simply a connectivity issue between the CF box and the remote service.
Sounds like a firewall or routing issue, but it's certainly not something you'll be able to fix in your code. Are you sure port 443 is open out from your firewall *and* in to theirs?
Keep beating your sysadmin until it works
-
2. Re: HTTPS Webservices
dujsu Jan 28, 2011 5:48 AM (in response to Owain North)Haha..okay, thats what I needed to hear, thank you for verifying my sanity. I will keep on him. Thanks!
-
3. Re: HTTPS Webservices
Dave Watts Jan 28, 2011 7:18 AM (in response to dujsu)1 person found this helpfulI'm not sure telnet will be a useful way to test connectivity for ports that require encrypted connections. I'd recommend that you just try using a browser (wget if you can only browse via a command line).
Dave Watts, CTO, Fig Leaf Software
-
-
5. Re: HTTPS Webservices
Dave Watts Jan 28, 2011 10:59 AM (in response to dujsu)No, this is probably a certificate verification issue. You'll probably have to install the remote server's certificate chain in your keystore.
http://www.google.com/search?q=coldfusion+java+keystore
Dave Watts, CTO, Fig Leaf Software
-
6. Re: HTTPS Webservices
dujsu Jan 31, 2011 6:51 AM (in response to Dave Watts)Here is the stack trace for the error above. I am unfamiliar with how to read most of this, but I don't see that there is a "HandShake" error of any kind. Anyone see anything that would say this doesn't relate to a network and/or certificate issue?
coldfusion.tagext.net.HttpTag$HttpConnectionFailureException: Connection Failure: Status code unavailable at coldfusion.tagext.net.HttpTag.connHelper(HttpTag.java:1004) at coldfusion.tagext.net.HttpTag.doEndTag(HttpTag.java:1062) at cftest62ecfm238689358.runPage(C:\Inetpub\wwwroot\test6.cfm:57) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:196) at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:370) at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65) at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:279) at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:48) at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40) at coldfusion.filter.PathFilter.invoke(PathFilter.java:86) at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:70) at coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:74) at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:2 8) at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38) at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46) at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38) at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22) at coldfusion.CfmServlet.service(CfmServlet.java:175) at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89) at jrun.servlet.FilterChain.doFilter(FilterChain.java:86) at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42 ) at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46) at jrun.servlet.FilterChain.doFilter(FilterChain.java:94) at jrun.servlet.FilterChain.service(FilterChain.java:101) at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106) at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42) at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286) at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543) at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203) at jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.java:320) at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428) at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java:266) at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)
Also, I am having trouble getting a copy of the certificate for the remote server from the SA. Is it a must to have the remote cert in our Keystore?
-
7. Re: HTTPS Webservices
Dave Watts Jan 31, 2011 9:13 AM (in response to dujsu)My money is still on it being a certificate issue. To install the certificate, just visit the remote URL in a browser, and use that to save the certificate locally. Then, add it to your certificate store as described at the link I gave in the last email.
Dave Watts, CTO, Fig Leaf Software
-
8. Re: HTTPS Webservices
dujsu Mar 24, 2011 8:09 AM (in response to Dave Watts)Sorry its taken so long to respond. Adding the certificate to the java key
store fixed my issues.
I used Mark Kruger's blog article for handling the specifics.
http://mkruger.cfwebtools.com/index.cfm?mode=entry&entry=8E44925A-B73D-E3AD-709D4E02FD6D45 88
Thanks again for all the help.