cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Coldfusion 11 Web Services and SSL Issue

LCCoder
New Here ,
Jul 28, 2014 Jul 28, 2014

Our company has two web services that we host that a vendor uses to grab information from on a periodic basis. These services ran fine on a CF8 SSL site, but once we switched to 11, the services can no longer be created. However, I can create them on our unsecured test site (which also is running CF 11) and access them externally without issue. When I try to create the webservice in the url, I just get a blank page back instead of the XML I should be getting. Is there something special I am missing that has to be done to create web services in a secure environment? The raw error message I get when trying to invoke the secure web service is below:

coldfusion.xml.rpc.XmlRpcServiceImpl$BadWsdlXMLException: Unable to parse WSDL as an XML document. at coldfusion.xml.rpc.XmlRpcServiceImpl.retrieveWSDL(XmlRpcServiceImpl.java:976) at coldfusion.xml.rpc.XmlRpcServiceImpl.access$000(XmlRpcServiceImpl.java:96) at coldfusion.xml.rpc.XmlRpcServiceImpl$1.run(XmlRpcServiceImpl.java:309) at java.security.AccessController.doPrivileged(Native Method) at coldfusion.xml.rpc.XmlRpcServiceImpl.registerWebService(XmlRpcServiceImpl.java:302) at coldfusion.xml.rpc.XmlRpcServiceImpl.getWebServiceProxy(XmlRpcServiceImpl.java:692) at coldfusion.tagext.lang.InvokeTag.doEndTag(InvokeTag.java:469) at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:2987) at cfcallmattersearch2ecfm1244659485.runPage(D:\Web\sims\st\callmattersearch.cfm:9) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:246) at coldfusion.tagext.lang.IncludeTag.handlePageInvoke(IncludeTag.java:734) at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:570) at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65) at coldfusion.filter.IpFilter.invoke(IpFilter.java:45) at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:487) at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:42) at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40) at coldfusion.filter.PathFilter.invoke(PathFilter.java:141) at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:94) at coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:78) at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28) at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38) at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:58) at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38) at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22) at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62) at coldfusion.CfmServlet.service(CfmServlet.java:219) at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42) at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:422) at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:198) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)

4.9K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 9 Replies 9
latest latest Jump to latest reply
Merchlinski
Explorer ,
Jan 30, 2015 Jan 30, 2015

Were you able to resolve this?  I'm having a similar issue.  Calling the webservice externally, I get

Unable to read WSDL from URL: https://app-dev.phs.psu.edu/standard/date_function.cfc?WSDL.

Error: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name. It is recommended that you use a web browser to retrieve and examine the requested WSDL document to ensure it is correct.

When I tried to view the WSDL directly in the browser, it just gave me a blank page.  I followed the instructions on this page Deploy SSL (HTTPS) Webservice in Coldfusion - A ShavedMonkey's Coldfusion Blog and made changes to axis2.xml and was then able to view the WSDL.  However, I still get the above error when calling the web service over https (it works fine over http).

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Jan 31, 2015 Jan 31, 2015
In Response To Merchlinski

@BigDadi

Thanks for sharing the tip about modifying the axis2.xml file to enable web services over HTTPS. That is necessary. Nevertheless, the error you are now getting may be related to something else, the Djsse.enableSNIExtension setting in the Java 7 Virtual Machine.

Perform the following test. Go to the Java and JVM page in the ColdFusion Administrator. Add this setting to the JVM arguments:

-Djsse.enableSNIExtension=false

Restart ColdFusion. Does it help?

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Merchlinski
Explorer ,
Feb 02, 2015 Feb 02, 2015
In Response To BKBK

Yes - this is what I needed!  Many thanks!!

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Feb 02, 2015 Feb 02, 2015
In Response To Merchlinski

My pleasure. Let us hope it helps LCCoder, too.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Merchlinski
Explorer ,
Feb 03, 2015 Feb 03, 2015
In Response To BKBK

I've got this working on our dev and test servers.  Now I'm trying to deploy it to production.  We have an external prod server in a DMZ that calls the web service on our internal prod server.  We only have port 443 open in the firewall between these two servers (not port 80).  I am able to do a <cfhttp> call to the WSDL over 443 and get back the xml.  However, if I make the web service call using <cfinvoke> I get the following error:

Cannot perform web service invocation getNthDayOfMonth.

The fault returned when invoking the web service operation is:

org.apache.axis2.AxisFault: Connection refused

        at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)

        at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)

        at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)

        at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:402)

        at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)

        at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)

        at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)

        at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)

        at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)

        at standard.StandardDate_functionCfcStub.getNthDayOfMonth(StandardDate_functionCfcStub.java:192)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorI... ''

I am able to successfully call the same web service (on the internal prod server) using the same code from my internal dev server.  However, when I look at my httpd logs on the internal prod server, I don't see the request in the ssl logs.  It shows up in the access_log file as:
150.231.26.130 - - [03/Feb/2015:13:48:57 -0500] "POST /standard/date_function.cfc HTTP/1.1" 200 397 "-" "Axis2"

Any thoughts why this appears to still be coming through port 80?

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Feb 04, 2015 Feb 04, 2015
In Response To Merchlinski

@BigDadi

Interesting development. Could you start a new thread on this?

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Merchlinski
Explorer ,
Feb 04, 2015 Feb 04, 2015
In Response To BKBK

New discussion started at https://forums.adobe.com/thread/1698233.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Brons2_
New Here ,
Jul 10, 2018 Jul 10, 2018
In Response To BKBK

adding this string

-Djsse.enableSNIExtension=false

makes my CF Application Server service unable to start.  ColdFusion 2016 version.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Carl Von Stetten
Guide ,
Jul 11, 2018 Jul 11, 2018
LATEST
In Response To Brons2_

@Brons2+

Could you start a new thread specific to this issue?  This thread is quite old and isn't specific to CF2016.


Thanks,-Carl V.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices