SSL Problems with JRE 1.7

Question

Hello, all. Wondering if anyone else out there has encountered a similar issue:

I have several ColdFusion applications that speaking to another CF application via SOAP (CreateObject('webservice'...)), and that is happening over SSL. The certificate is valid, is not self-signed, and is not expired. This connection works fine on servers that are using the 1.6x JRE, but on servers using 1.7x the connection fails with the following error:

Unable to read WSDL from: {address}

Error: javax.net.ssll.SSLPeerUnverififedException: peer not authenticated.

If we downgrade the JRE on those servers with the error it goes away and connects fine.

Thoughts?

carl type3 · Answer

Hi Matt, Perhaps the SSL is not in the Java 7 keystore but is in the Java 6 keystore. Use keytool to add SSL to Java 7 then while CF is configured to Java 7 restart CF and retest.

EG:
CMD prompt
CD D:\Program Files\Java\1.7.0_nn\jre\bin>
keytool -importcert -storepass changeit -noprompt -alias friendly_name -keystore ../lib/security/cacerts -trustcacerts -file d:\temp\certificate_file.cer

HTH, Carl.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded