CFHTTP问题SSL - 关闭cfhttp的安全? [英] CFHTTP issue with SSL - turn off security on cfhttp?
问题描述
我一直在尝试让这个请求工作很有趣。我一直在做一个< cfhttp method =get...> 请求Facebook一段时间没有问题。该请求抓取一个RSS源,以便我们可以在我们的网站上显示它。不幸的是,有人最近注意到它停止工作。我唯一能想到的可能是导致的问题是在我的系统中的URL是 http://www.facebook.com ... ,但正在重定向( https://www.facebook.com ... )。
I've been having a pretty fun time trying to get this request to work. I've been doing a <cfhttp method="get"...> request to Facebook for some time without a problem. The request grabs an RSS feed so we can display it on our site. Unfortunately, someone recently noticed it stopped working. The only thing I can think of that could be causing the problem is the URL in my system is http://www.facebook.com..., but is being redirected to secure (https://www.facebook.com...).
安装证书作为张贴在所有的互联网...没有骰子。我试过安装到ColdFusion,我们的网络服务器和ColdFusion所在的Java安装。
So I've tried installing the cert as is posted all over the "internets"...no dice. I've tried installing into ColdFusion, our webserver and the Java installation on which ColdFusion sits.
有没有办法告诉ColdFusion我不在乎它是一个安全请求和只是处理它吗? Facebook不在乎,我知道我在做什么,所以为什么ColdFusion会阻止我做我想做的事情?这不是我遇到的唯一的时间,但我通常不需要做安全的请求,并做别的事情。
Is there any way to just tell ColdFusion that I don't care it's a secure request and to just process it anyways? Facebook doesn't care, and I know what I'm doing, so why should ColdFusion block me from doing what I want to do? This isn't the only time I've run into this, but I've usually not needed to make the secure request and done something else instead.
---编辑#1:我知道这必须是一个安全的请求。我只是想知道是否有一些方法告诉ColdFusion或Java,我不想它阻止连接到安全的网站。
---Edit#1: I know this has to be a secure request. I just would like to know if there is some way to tell ColdFusion or Java that I don't want it to prevent the connection to the secure site.
ColdFusion 8企业,安装在Solaris服务器上,使用Java JDK 1.6.0_12(只有在此环境中与Verity一起使用的版本)。
ColdFusion 8 Enterprise, installed on a Solaris server, with Java JDK 1.6.0_12 (only version that works with Verity in this environment).
---编辑#2:显然很不清楚。抱歉。
是否可以暂时禁用对安全URL的请求安装证书的需要?
Pseudocode:
---Edit#2: The question is apparently very unclear. Sorry. Is it possible to temporarily disable the need for a cert to be installed for the request to be made to a secure URL? Pseudocode:
- 关闭ColdFusion(或Java)证书检查
- 请求安全网站(例如
< cfhttp url =https://www.facebook.com/feeds/page.php?format=rss20&id=12341234123412method =get/> ; - 打开ColdFusion证书检查未来的请求
推荐答案
您需要将更新的根证书更新为更新的版本我们建议您尝试JRE 1.6.0_45:
You need to update your JVM to a newer version with updated root certificates as the SSL certificate that Facebook is using is more than likely based on a newer root certificate and your system is not recognising it. I would suggest you try JRE 1.6.0_45:
此外,不建议在生产环境中使用JDK,应该使用服务器JRE。
Also, it is not recommended using the JDK in a production environment, you should be using the server JRE.
这篇关于CFHTTP问题SSL - 关闭cfhttp的安全?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
