Re: Accessing HTTPS via CFHTTP

["HugeBob" <webforumsuser@xxxxxxxxxxxxxx>]

[q][i]Originally posted by: [b][b]Newsgroup User[/b][/b][/i]
 HugeBob wrote:
 > I'm trying to import the public key of a secure site (https) I want to get 
to 
 > via CFHTTP.  But, I'm having a lot of difficulty getting this to work.  Our 
CF8 
 > server is on a Unix box (SunOS 5.10).  From my Windows XP workstation, I 
went 
 > to the site with IE and retrieved the public key in DER Binary Format and 
saved 
 > it to a *.cer file on the CF server (via Samba share).  I then used the 
keytool 
 > to import it into the keystore at /{jrun_root}/jre/lib/security/cacerts.  I 
 > verified that it was in there with the [B]keytool -list -keystore 
cacerts[/B] 
 > command.

 So far so good.


 > I then went into the /{jrun_root}/servers/cfusion/SERVER-INF/jrun.xml 
 > file and uncommented the jrun.servlet.http.SSLService section and pointed 
the 
 > keyStore and trustStore attributes to the cacerts key store.  I restarted CF 
 > and received a host of errors all saying:
 > 
 >  [B]error No available certificate or key corresponds to the SSL cipher 
suites 
 > which are enabled.[/B]

 And this is incorrect. You only need to do this if you are using the 
 buildin webserver and want to access that webserver directly from your 
 browser over HTTPS. (And in that case you would need the private key too.)


 Undo the changes to jrun.xml, restart CF and try your cfhttp code.
 [/q]

 Jochem,

 Since I was getting all those errors during CF start up, I killed it, removed 
the changes and restarted the server.  But, no luck.  The template containing 
the CFHTTP still can't connect.