2 Replies Latest reply on Jun 2, 2015 11:50 AM by LoveDispenser

    salesforce api sha 256 connection failure

    LoveDispenser

      I've been successfully using Salesforce's api till they made the switch to SHA 256 algorithms about 2 weeks ago (HTTPS Security Certificate Change from SHA-1 to SHA-256 hash algorithms). I know that coldfusion 8 is capable of supporting sha 245 hashing, but I've had no luck connecting to salesforce objects. Where exactly do i need to implement the SHA 256 encoding? Here's my CF code that is currrently functioning on a server where the sha 256 hasn't been implemented yet:

       

      <cfhttp url="https://cs8.salesforce.com/services/data/v30.0/sobjects/SFOBJECT/describe" method="get" result="apique">

        <cfhttpparam type="header" name="Authorization" value="Bearer XXXXXXX">

         <cfhttpparam type="header" name="X-PrettyPrint" value="1">

         </cfhttp>

       

       

      This works correctly, so I assumed I just need to do the hashing on either the url or the authorization value. l tried both, then one or the other, but still no luck. Any advice is welcom.

        • 1. Re: salesforce api sha 256 connection failure
          haxtbh Level 4

          You are confusing the situation here. Salesforce, like may other APIs, are changing their certificates to SHA-256. This is not the same as you hashing information your side using coldfusion. What you need is coldfusion to be able to understand these newer certificates. This means that your code will mostly stay the same, what changes is the underlying java engine which allows connecting to HTTPS using SHA-256.

           

          Firstly, you will need to make sure you have a java version being used by coldfusion 8 that supports SHA-256. I believe you are going to need at least Java 1.6.0_45 to get this working. The only other problem you will have is if Salesforce are using a SAN certificate, in which case Coldfusion 8 doesnt support this.


          You can read about upgrading jvm for CF 8 here - How to change the JVM for ColdFusion on JRun

          • 2. Re: salesforce api sha 256 connection failure
            LoveDispenser Level 1

            Thanks for the info! I've been working with our DBA to fix this issue for a week and when I shared this information with him, he was able to come up with a fix that didn't involve installing a whole new JDK. He downloaded and installed symantec certificates into the existing JRE and that fixed the problem.