Friday, June 11, 2010

Connecting to sites which use SSL

If you want to connect to a site which uses HTTPS, you might get a connection error like "peer not authenticated". To solve this problem you need to import the site's SSL certificate into your ColdFusion Java keystore. The steps depend on your situation.

If you have a keystore which contains the certificate (which was my case) then you need to export this to a certificate file using the keytool application.

Keytool can be found in your ColdFusion root \runtime\jre\bin\keytool.exe

keytool.exe -export -alias aliasOfKey -v -keystore keystoreFile -file myCertificate.crt
If keytool asks for a password and you don't have one, you can try the default password "changeit".
This exports the certificate with the given alias from the given keystore file to a crt file.

If you don't know the alias of the certificate then you can list the contents of the keystore file using:

keytool.exe -list -v -keystore keystoreFile

You can also open the site in a web browser and double-click the key icon. This displays the SSL certificate. Click the Details tab. In this window you can save the certificate. Choose BASE64 for encoding and save it to a known location.

Next you need to copy the crt file to the security folder in ColdFusion. This is located in: ColdFusion root \runtime\jre\lib\security

In this folder is also the cacerts file which is the keystore for ColdFusion.
Now you need to add the crt file to the keystore:

keytool.exe -import -keystore cacerts -alias aliasOfKey -file myCertificate.crt

And you are done!
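
Anything imported into cacerts is trusted by ColdFusion, so it is worth confirming that the BASE64 .crt file saved from the browser is the certificate you expect before running the import. The following Python script is an added example, not part of the original post: it computes the file's fingerprint in colon-separated hex and compares it with a reference value obtained from the site owner. The function names and the sample data are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import re

# Matches each Base64 (PEM) certificate block, tolerating CRLF line endings.
PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL
)


def pem_to_der(pem_text):
    """Return the DER bytes of every certificate block in a Base64 .crt file."""
    blocks = PEM_BLOCK.findall(pem_text)
    if not blocks:
        raise ValueError("no BEGIN/END CERTIFICATE block; was the file saved as BASE64?")
    # validate=True rejects stray non-Base64 characters instead of skipping them.
    return [base64.b64decode("".join(b.split()), validate=True) for b in blocks]


def fingerprint(der, algorithm="sha256"):
    """Hash the DER bytes and format them as colon-separated upper-case hex."""
    digest = hashlib.new(algorithm, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def matches_expected(pem_text, expected, algorithm="sha256"):
    """True only if the first certificate in the file has the expected fingerprint."""
    actual = fingerprint(pem_to_der(pem_text)[0], algorithm)
    # Normalise the reference value: drop separators and case differences.
    wanted = re.sub(r"[^0-9A-Fa-f]", "", expected).upper()
    return hmac.compare_digest(actual.replace(":", ""), wanted)


# Constructed sample: the payload is the three bytes b"abc", not a real
# certificate, so the reference digest is the published SHA-256 test vector.
SAMPLE_CRT = "-----BEGIN CERTIFICATE-----\r\nYWJj\r\n-----END CERTIFICATE-----\r\n"
SAMPLE_SHA256 = "ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad"

if __name__ == "__main__":
    print(fingerprint(pem_to_der(SAMPLE_CRT)[0]))
    print("safe to import:", matches_expected(SAMPLE_CRT, SAMPLE_SHA256))
```

With a real file, read myCertificate.crt as text and pass its contents together with the reference fingerprint; run the keytool import only when the result is True.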
