Import Exchange cert into JVM for CF10

Report · Apr 10, 2014

Hello, everyone.

I'm trying to learn the CFEXCHANGECONNECTION and CFEXCHANGECONTACT tags, and I'm having a bit of an issue.

When I first started playing around with it, I was getting error messages that the connection couldn't be formed because the Exchange server only accepts https connections, so I set the protocol to https.

Then I was getting an error message regarding the "cert not installed in CF server", so I managed to get a copy of the SSL cert (DER format .cer file) and followed instructions on how to import it into the JVM that CF uses.

I'm still getting the error saying that the cert isn't installed in CF server. Any suggestions?

V/r,

^_^

Report · Apr 11, 2014

Is there a setting in CFAdmin that I need to configure/change?

V/r,

^_^

Report · Apr 14, 2014

you need to add the cert to your jvm's keystore

something like this

http://www-10.lotus.com/ldd/lcwiki.nsf/xpDocViewer.xsp?lookupName=IBM+Connections+Mail+1.3+documenta...

dont worry its about domino, bottom line its importing a msexchange cert into a java keystore. I use portacle ( http://portecle.sourceforge.net/ ) for managing my java keystores

edit: I use JUST portacle to import they certs, no need to bother with command line, i left it here for the sake of completeness

Report · Apr 14, 2014

Hi, Lynux,

Thanks for your reply. I followed the instructions on the last post on this SO thread. I checked CFAdmin to make sure I was importing to the correct JVM. Still getting the error.

V/r,

^_^

Report · Apr 14, 2014

when you do your test, what do you see in your CF logs?

Also have you opened up the keystore in portacle to check the cert is in there?

Report · Apr 14, 2014

application.log: "SSLHandshakeException when connecting to the Exchange server at exchange1.xxxxxxx.xxx using HTTPS protocol. The SSL certificate installed on the Exchange server is not found on the ColdFusion server."

FireBug is showing the same thing.

Using the link I provided as steps to take, I imported the Exchange cert into C:\ColdFusion10\jre\bin\cacerts

I cannot d/l or install protacle - network security is ultra-tight (I'm in a DoD environment.)

V/r,

^_^

Report · Apr 15, 2014

have you seem this?

http://forums.adobe.com/message/735814

Report · Apr 15, 2014

I have not.. I'll give that a shot. Thank you.

^_^

UPDATE: Does this mean that it will only work with IIS? I am using Apache in my dev environment.

Report · Apr 15, 2014

As it turns out, I've spent all this time spinning my wheels. The Exchange server does not have OWA enabled. Nor will it be enabled. Without OWA, it won't work. Period. I didn't realize OWA was disabled when I started this. Sorry for wasting your time, and thank you for your advice. I'm done trying to work with this.

V/r,

^_^

Report · Apr 15, 2014

np