Copy link to clipboard
Copied
I am connecting to the unsplash api (it allows free images to be used in websites) and the problem is that up until today everything was working fine. The user would enter a keyword and it was then sent using the following code:
<cfhttp url="https://api.unsplash.com/search/photos" method="get" result="fetchSplash"> <cfhttpparam type="url" name="client_id" value="xxx"> <cfhttpparam type="url" name="query" value="#url.unsplashme#"> <cfhttpparam type="url" name="page" value="1"> <cfhttpparam type="url" name="per_page" value="20"> </cfhttp>
JSON was being sent back with image information without any problems but now I get the following error:
I'm at a loss as to what the problem could be as nothing has changed on our server and if I test their url like this in a browser I get results ((ID number has been removed):
https://api.unsplash.com/search/photos?client_id=xxx&page=1&query=office
Any help appreciated!
Copy link to clipboard
Copied
This sounds like a HTTPS issue - a protocol version mismatch between client and server. See java - javax.net.ssl.SSLException: Received fatal alert: protocol_version - Stack Overflow
Copy link to clipboard
Copied
i'm not entirely sure what that means to be honest. its a bit frustrating as it was working fine for a few days and then just stopped working. I've switched over to a jquery based version and it works fine.
Copy link to clipboard
Copied
If you have a solution, leave it. The issue of HTTPS in CFHTTP can be a complex one. It can break for many different reasons e.g. Java version, version of your SSL certificate and also the security protocols that are enabled on your server. More than likely the other end changed something on their server, most like the SSL certificate, and the CFHTTP cannot communicate with it any longer. Using jQuery pushes the responsibility to the web browser, which seems to be ok. CFHTTP can be a pita sometimes.
Copy link to clipboard
Copied
They likely disabled TLS 1.0 or something and the version of CF / Java you're running is probably not using TLS 1.1 / 1.2 to to do the request.
Copy link to clipboard
Copied
Using the SSL Labs server testing tool ( https://www.ssllabs.com/ssltest/ ) shows that the API endpoint https://api.unsplash.com has only TLS 1.2 enabled.
If you're on an old OS such as Windows Server 2008, you're stuck with TLS 1.0.
IISCrypto can show you what protocols are enabled on your Windows box: