cfhttp unable to read data from https sites even after importing the certificate - coldfusion

I have ColdFusion 9 installed on my system.
I need to read data from an SSL encrypted site (https). I have followed all the steps described in CF documentation.
That is:
Go to a page on the SSL server in question.
Double-click the lock icon.
Click the Details tab.
Click Copy To File.
Select the base64 option and save the file.
Copy the CER file into C:\ColdFusion8\runtime\jre\lib\security (or whichever JRE ColdFusion is using).
Run the following command in the same directory (keytool.exe is located in C:\CFusionMX7\runtime\jre\bin):
keytool -import -keystore cacerts -alias giveUniqueName -file filename.cer
In CMD, it showed "certificate was added successfully".
But it is still showing the same error: peer not authenticated.
Is there anything more required?

If you are trying to call web services in CF 11 (and maybe 10 but check that yourself), CF expects the web service or any CFHTTP call to use the WebSocket Service and port 8577 in a standard setup. This is because the WebSocket Services have been optimized for web services and CFHTTP also uses WebService Sockets.
I run CF 11 on my IIS server and port 8577 is blocked by a firewall. When I tried to connect, it sends back this error for CFHTTP and web services:
"I/O Exception: sun.security.validator.ValidatorException: PKIX path
building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target"
It would seem like it requires adding custom certificates to the CACERT for JRE, but that is not the solution for me.
There is a simple fix to get this running with IIS (at least IIS) if you do not want to unblock the WebSocket Service and you don't need that performance to run natively. All you have to do is go into the CF Admin dashboard and change the WebSocket Service to "Use Proxy". This will send all calls to the CF WebSocket Service or CFHTTP through IIS as a proxy. Restart the CF Application Server service and it should work just fine. If these directions are not perfect I apologize, but they will lead you to get it working. See also Using WebSocket with ColdFusion 11.

Although the documentation doesn't specifically mention it, restarting the ColdFusion service is required. If you haven't already, that should be the first thing you try.
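
A check for the import steps in the question, added here as an example (it is not code from the question or the answers): it compares the fingerprint of the exported base64 .cer with the entries in saved `keytool -list -keystore cacerts` output, so you can confirm the certificate is in the cacerts of the JRE ColdFusion is using. The function names and sample data are hypothetical, and the "Certificate fingerprint (ALG):" line format is assumed from keytool's usual listing.

```python
import base64
import hashlib
import re

# keytool's digest label can differ between JRE versions
ALGS = {"MD5": "md5", "SHA1": "sha1", "SHA-256": "sha256"}

def pem_to_der(pem_text):
    """Decode the first base64 (PEM) certificate in a .cer export to DER bytes."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----",
                  pem_text, re.S)
    if not m:
        raise ValueError("no PEM block found; was the base64 option selected?")
    return base64.b64decode("".join(m.group(1).split()))

def fingerprint(der, label):
    """Colon-separated upper-case hex digest, the way keytool displays it."""
    hexd = hashlib.new(ALGS[label], der).hexdigest().upper()
    return ":".join(hexd[i:i + 2] for i in range(0, len(hexd), 2))

def aliases_holding(pem_text, listing):
    """Aliases in `keytool -list` output whose fingerprint equals the cert's."""
    der, found, alias = pem_to_der(pem_text), [], None
    for line in listing.splitlines():
        fp = re.match(r"\s*Certificate fingerprint \(([^)]+)\):\s*([0-9A-Fa-f:]+)", line)
        if fp:
            if alias and fp.group(1) in ALGS and \
                    fp.group(2).upper() == fingerprint(der, fp.group(1)):
                found.append(alias)
        elif "," in line:
            alias = line.split(",", 1)[0].strip()  # "alias, date, trustedCertEntry,"
    return found

# --- Constructed sample data (placeholder bytes, not a real certificate) ---
SAMPLE_DER = b"constructed placeholder standing in for the exported certificate"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")
# Constructed listing of the cacerts that received the import
LISTING_IMPORTED = ("Your keystore contains 1 entry\n\n"
                    "giveuniquename, Sep 24, 2013, trustedCertEntry,\n"
                    "Certificate fingerprint (SHA1): "
                    + fingerprint(SAMPLE_DER, "SHA1") + "\n")
# Constructed listing of another JRE's cacerts on the same machine
LISTING_OTHER = ("someotherca, Jan 1, 2010, trustedCertEntry,\n"
                 "Certificate fingerprint (MD5): " + "00:" * 15 + "00\n")

if __name__ == "__main__":
    print("imported store:", aliases_holding(SAMPLE_PEM, LISTING_IMPORTED))
    print("other store:   ", aliases_holding(SAMPLE_PEM, LISTING_OTHER))
```

An empty result for the keystore under the JRE that ColdFusion runs on means the import went into a different cacerts file.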

Related

Click once application to connect to remote server

I have added this question on ServerFault but no one replied.
I have a .net application which calls a webservice deployed on my local windows server 2012 on IIS, and the sql server database resides on that server too. All employees connect to the same service and DB since we're all on the same domain, and I publish the app and webservice to the server through visual studio (2012).
Now I need to make employees access this application when they are outside the company's network, so I deployed the webservice on IIS on one of our remote Windows 2012 servers. I created a public shared folder on my remote server and added the app webservice files to it, and in Visual Studio I changed the publish method to Web Deploy and filled in the information as below:
Server: https://x.x.x.x/
Site Name: https://x.x.x.x/PublicFolder
Destination URL: https://x.x.x.x/PublicFolder/Application
When I click Validate Connection, it fails with the following message:
Could not connect to the remote computer ("x.x.x.x"). on the remote
computer make sure that Web Deploy is installed and that the required
process ("Web Management Service") is started. Learn more at:
http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_DESTINATION_NOT_REACHABLE.
Unable to connect to the remote server
Note that I tried to replace https with http and I got another error:
Could not connect to the remote computer ("x.x.x.x"). on the remote
computer make sure that Web Deploy is installed and that the required
process ("Web Management Service") is started. Learn more at:
http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_ADMIN.
the remote server returned an error: (401)Unauthorized
I went to the previous link and I did what they suggested:
Create a separate user group MSDepSvcUsers on remote computer.
Create a local account A on both local & remote computer.
Add A to MSDepSvcUsers on remote computer.
Use account A to publish, this will allow you to publish without
needing to use built-in admin account.
But the same error (NOT_ADMIN) remained.
UPDATE: I found another possible solution:
Add/modify Windows registry key
“HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\”
and set it “1”.
After I added this registry key, the error changed to:
site 'http:' does not exist ... #ERROR_SITE_DOES_NOT_EXIST
So now if I put wrong credentials, I get the unauthorized error; if I use correct credentials I get the site does not exist error.
What should I do?
It worked!!
I mean the connection, it's now validated, all I had to do is change site name from "http://x.x.x.x/PublicFolder" to "Default Web Site\SiteName" !!
This was really confusing, finally got it!

Migrating web service from ColdFusion 8 to 10 issues

I have a web service that has been running on CF 8 for a while now without issues. We've recently moved to CF10, and this web service no longer works. I've already tried switching the Axis setting to 1, it's still tossing errors. Has anyone else encountered this, or have any ideas on what else to look for here?
Process:
CF Server sends a web service request to App Server.
App Server processes request, generates another web service back to CF Server with SOAP data pushes, then replies back to the step 1 originating request with a boolean response on how its own web service request went.
CF Server Errors:
The web service operation caused an invocation exception.The root cause was that: ClientAbortException: java.net.SocketException: Connection reset by peer: socket write error.
Cannot perform web service invocation [Method Name]. The fault returned when invoking the web service operation is: java.lang.NoClassDefFoundError: org/apache/james/mime4j/MimeException
App Server Error Logs:
com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
SEVERE: SAAJ0009: Message send failed
com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
Caused by: java.io.IOException: Error writing to server
I've gone as far as modifying the App Server configuration to have its web service request push out to the CF 8 server for processing, while still replying back to the originating request from the CF 10 server. This worked fine. It's definitely something with the requests or my CF 10 web service config.
I can't post any of the code examples unfortunately.
24 Sept 13 Update
I've tried various combinations of v1 and v2 in the CF admin, with wsdl and wsdl2, and the application.cfc setup. The app that is interacting with this service has given me the ability to modify a variety of parameters for soap versioning and some internal items. I can get the two services to talk with a bare bones connection of give me your soap and I'll toss a YES back. Whenever I try to use the full request it seems to never actually hit my web service, and gets stopped somewhere by CF. I see no logging on it other than in the web service log.
I found the solution to my problem. The ColdFusion connector was causing the fault. After installing ColdFusion 10 and patching, I had run the wsconfig to rebuild the connector. I had either done this incorrectly, or for some reason it didn't take. I ran it this morning, removed the connector, re-added it.... everything working fine now. Very frustrating.

Access connection event in MS FTP service using Coldfusion?

I'm monitoring a directory for FTP uploads on the server using a CF event gateway. Fine so far, but I want to get at the IP address of the computer uploading the file. The server is Windows Web Server 2008 R2 IIS 7 and Windows FTP 7.5.
What I am aiming for is a growl-type message if the uploaded file has been handled correctly (or else an error message), and for that I need the IP of the sender. (There is no problem with NAT within the LAN.)
The FTP service writes a log containing the IP which I could try to correlate with the directory monitoring event, but other than by scraping the log is there another way?
Since ColdFusion has no connection to the FTP service in IIS, you'll have to handle this through the logs. You can, however, use something like LogParser (see this article from Ray Camden on how to use it to parse an IIS log file).
Good luck!
Dan
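
The log-correlation approach from the answer, as an added example (not code from the answer or from LogParser): it reads a W3C-format FTP log, takes the column names from the log's own #Fields line, and returns the client IP of the last successful STOR of a given file. The function names and the sample log are constructed, and it assumes the log records the c-ip, cs-method, cs-uri-stem and sc-status fields.

```python
def parse_w3c(log_text):
    """Yield one dict per log entry, keyed by the names on the #Fields line."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # header can reappear mid-file
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):     # skip truncated or odd lines
                yield dict(zip(fields, values))

def uploader_ip(log_text, filename):
    """Client IP of the most recent successful STOR of `filename`, else None."""
    ip = None
    for entry in parse_w3c(log_text):
        stem = entry.get("cs-uri-stem", "").rsplit("/", 1)[-1]
        if (entry.get("cs-method", "").upper() == "STOR"
                and stem.lower() == filename.lower()
                and entry.get("sc-status", "").startswith("2")):
            ip = entry.get("c-ip")
    return ip

# Constructed sample log; addresses are from the documentation range 192.0.2.0/24
SAMPLE_LOG = """\
#Version: 1.0
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2013-09-24 10:00:01 192.0.2.10 alice USER alice 331
2013-09-24 10:00:02 192.0.2.10 alice PASS *** 230
2013-09-24 10:00:05 192.0.2.10 alice STOR /incoming/report.csv 226
2013-09-24 10:01:00 192.0.2.77 bob STOR /incoming/other.csv 226
2013-09-24 10:02:00 192.0.2.99 carol STOR /incoming/report.csv 550
"""

if __name__ == "__main__":
    print(uploader_ip(SAMPLE_LOG, "report.csv"))
```

When matching an entry to the directory-watcher event by time, note that IIS W3C logs record timestamps in UTC.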

Unable to open coldfusion Administrator

When I try opening http://127.0.0.1:8500/test.com
I get
500 There is no web application configured to service your request There is no web application configured to service your request
When I try opening http://127.0.0.1:8500/CFIDE/
I get the same error.
Kindly guide me to solution.
It means the server did not fully start. The JRun container started and was able to accept an HTTP Request via its internal webserver port, but then the ColdFusion Server inside JRun was not fully deployed or not deployed at all.
The startup events in /path/to/coldfusion8/runtime/logs/coldfusion-event.log and /path/to/coldfusion8/logs/server.log will contain details about what failed during ColdFusion startup.
You will probably not make sense of the events as they are usually somewhat cryptic. Please post log contents for further diagnosis.

In FinalBuilder, how do I use the HTTP Get File action with Windows Authentication?

I have a FinalBuilder project where I deploy an ASP.Net website to a remote folder, configured as a website in IIS.
As part of my build script, I want to use the FinalBuilder action HTTP Get File to help determine whether my deployment was successful.
I'm having difficulty, because the website is configured (under IIS 6) to use Integrated Windows Authentication, and anonymous access is not enabled.
Now the HTTP Get File action, has only a handful of properties, one of which is a security section, containing a UserName and Password. Great I thought! I can just put some valid credentials in there, which FinalBuilder will impersonate, whilst retrieving my file.
It turns out I was mistaken. I receive the following error:
Error retrieving url : Socket Error # 10061
Connection refused.
If I run the action without setting the Security Username and Password, I get the following error:
Error retrieving url : HTTP/1.1 401 Unauthorized Response Code : 401
Here are some facts to help with the context of my problem.
I'm running FinalBuilder 6 Professional, upon a Windows Server 2003 installation, and deploying my ASP.Net website to a remote IIS6 server within our corporate LAN.
If I configure IIS on the remote server to allow Anonymous access, I can run the HTTP Get File action without error. However, running this particular site with anon access is not acceptable in our situation.
Can anyone help suggest a workaround?
For a definitive answer, I think the FinalBuilder Forum is probably your best bet.
My guess, though, is that the HTTP library used by FB doesn't support Windows authentication, and is failing because no common authentication method can be negotiated. Since HTTPS isn't supported either by the 'HTTP Get File action', the possible workaround of allowing basic authentication on your site isn't a good idea, as you would be passing credentials over the network in plain text.
The only remaining workaround I can think of (other than waiting for a future FB release), is creating your own FB action to retrieve the file. Using the .NET Framework System.Net.WebClient, that should be trivial. Just start with a standalone EXE to make sure everything works, then refactor it into a 'real' action using FinalBuilder Action Studio (if that's even required: spawning an external EXE may work just fine in your case).