Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsGeneralPHPASPPerlColdFusionFlashHTML, CSS, ScriptsBrowsers

Webmaster Forum / ColdFusion / Advanced Techniques / June 2008


Tip: Looking for answers? Try searching our database.

CF8, SSL, cfhttp and clientCert issue

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
LoanXEngine - 17 Sep 2007 23:48 GMT
I was excited to see that CF8 allowed you to pass a clientCert in cfhttp.  
Conveniently, I needed to do this to integrate with a credit company.

But it doesn't appear to work. In fact, cfhttp is 'undefined' when using it
with clientCert.

I have installed the special Cert file manually.

To manually import a certificate:
Go to a page on the SSL server in question.
Double-click the lock icon.
Click the Details tab.
Click Copy To File.
Select the base64 option and save the file.
Copy the CER file into C:\CFusionMX7\runtime\jre\lib\security (or whichever
JRE ColdFusion is using).
Run the following command in the same directory (keytool.exe is located in
C:\CFusionMX7\runtime\jre\bin):
keytool -import -keystore cacerts -alias giveUniqueName -file filename.cer

When I run it without passing the clientCert, I get a cfhttp response from the
webserver (403)... and error, but at least I get something.

When I add in the clientCert, cfhttp doesn't appear to work and I get a cfhttp
is undefined error.

Does this feature actually work? Anyone have any suggestions??

thanks,
alan
Reply to this Message
LoanXEngine - 20 Sep 2007 20:47 GMT
I figured it out.  No need to mess with the .cer file or do the add to keystore
method.

You acually reference the direct path to the .pfx file and use the client cert
passowrd... much simpler. I was looking at the previous MX7 folks trying to do
the same thing...

This is GOBs easier.
Reply to this Message
kurtd - 29 Jun 2008 01:16 GMT
I'm having trouble figuring this out with CF8.  
1) How do I export the Cert with IE7? PKCS#12  is grayed out...  
2) Where do I get the password from?

Thanks

>I figured it out.  No need to mess with the .cer file or do the add to keystore
>method.
[quoted text clipped - 4 lines]
>
> This is GOBs easier.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.