Highlighted

salesforce api sha 256 connection failure

New Here ,
Jun 01, 2015

Copy link to clipboard

Copied

I've been successfully using Salesforce's api till they made the switch to SHA 256 algorithms about 2 weeks ago (HTTPS Security Certificate Change from SHA-1 to SHA-256 hash algorithms). I know that coldfusion 8 is capable of supporting sha 245 hashing, but I've had no luck connecting to salesforce objects. Where exactly do i need to implement the SHA 256 encoding? Here's my CF code that is currrently functioning on a server where the sha 256 hasn't been implemented yet:

<cfhttp url="https://cs8.salesforce.com/services/data/v30.0/sobjects/SFOBJECT/describe" method="get" result="apique">

  <cfhttpparam type="header" name="Authorization" value="Bearer XXXXXXX">

   <cfhttpparam type="header" name="X-PrettyPrint" value="1">

   </cfhttp>

This works correctly, so I assumed I just need to do the hashing on either the url or the authorization value. l tried both, then one or the other, but still no luck. Any advice is welcom.

Views

494

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

salesforce api sha 256 connection failure

New Here ,
Jun 01, 2015

Copy link to clipboard

Copied

I've been successfully using Salesforce's api till they made the switch to SHA 256 algorithms about 2 weeks ago (HTTPS Security Certificate Change from SHA-1 to SHA-256 hash algorithms). I know that coldfusion 8 is capable of supporting sha 245 hashing, but I've had no luck connecting to salesforce objects. Where exactly do i need to implement the SHA 256 encoding? Here's my CF code that is currrently functioning on a server where the sha 256 hasn't been implemented yet:

<cfhttp url="https://cs8.salesforce.com/services/data/v30.0/sobjects/SFOBJECT/describe" method="get" result="apique">

  <cfhttpparam type="header" name="Authorization" value="Bearer XXXXXXX">

   <cfhttpparam type="header" name="X-PrettyPrint" value="1">

   </cfhttp>

This works correctly, so I assumed I just need to do the hashing on either the url or the authorization value. l tried both, then one or the other, but still no luck. Any advice is welcom.

Views

495

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jun 01, 2015 0
Advocate ,
Jun 02, 2015

Copy link to clipboard

Copied

You are confusing the situation here. Salesforce, like may other APIs, are changing their certificates to SHA-256. This is not the same as you hashing information your side using coldfusion. What you need is coldfusion to be able to understand these newer certificates. This means that your code will mostly stay the same, what changes is the underlying java engine which allows connecting to HTTPS using SHA-256.

Firstly, you will need to make sure you have a java version being used by coldfusion 8 that supports SHA-256. I believe you are going to need at least Java 1.6.0_45 to get this working. The only other problem you will have is if Salesforce are using a SAN certificate, in which case Coldfusion 8 doesnt support this.


You can read about upgrading jvm for CF 8 here - How to change the JVM for ColdFusion on JRun

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 02, 2015 1
New Here ,
Jun 02, 2015

Copy link to clipboard

Copied

Thanks for the info! I've been working with our DBA to fix this issue for a week and when I shared this information with him, he was able to come up with a fix that didn't involve installing a whole new JDK. He downloaded and installed symantec certificates into the existing JRE and that fixed the problem.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 02, 2015 0