my CFHTTP issue is back. Hitting <smarty.com> from...
# adobed
Daniel Mejia
04/11/2022, 9:50 PMmy CFHTTP issue is back. Hitting smarty.com from cftry works but doesn't work from my server.
[SOLVED]: Tell jvm to use specific TLS version -Dhttps.protocols=TLSv1.2. smarty.com only accepts 1.2 or 1.3.
Daniel Mejia
04/11/2022, 9:51 PMIts not a TLS issue. Smarty.com supports 1.2 and 1.3 and my server only uses 1.2.
Daniel Mejia
04/11/2022, 9:52 PMThe output of cfhttp.filecontent is "Connection Failure"
Daniel Mejia
04/11/2022, 9:55 PMIf I use the browser on the same server and hit smarty.com directly it works. So it can't be network related.
Daniel Mejia
04/11/2022, 9:57 PMSmarty api doesn't have any "Allowed Hosts" list where I have to add my website or IP. Its perfectly fine to use the same URL request from anywhere (ofcourse it needs my auth info).
Daniel Mejia
04/11/2022, 9:58 PM@priyank_adobe Can you help me?
p
Patrick
04/11/2022, 10:06 PMWhat is your java version
Patrick
04/11/2022, 10:07 PMneed to verify the version CF is running on is using the proper TLS (aka 1.2)
d
Daniel Mejia
04/11/2022, 10:09 PMhmmm...
Daniel Mejia
04/11/2022, 10:10 PMCF 2018 and java 11.0.1 2018-10-16 LTS
Java(TM) SE Runtime Environment 18.9 (build 11.0.1+13-LTS)
Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.1+13-LTS, mixed mode)
Daniel Mejia
04/11/2022, 10:10 PMthis is a Enterprise ACF 2018 Gui install
p
Patrick
04/11/2022, 10:13 PMHmm appears should be good
Patrick
04/11/2022, 10:13 PMTake a look here: https://www.petefreitag.com/item/916.cfm
d
Daniel Mejia
04/11/2022, 10:17 PMSo my verison of JRE 11.0.1 is probably using TLSv1 or TLSv1.1????
Daniel Mejia
04/11/2022, 10:18 PMI'm not too sure how this works.
p
Patrick
04/11/2022, 10:20 PMNo, your version should be using 1.2 I believe
d
Daniel Mejia
04/11/2022, 10:21 PMHow does this work? I use windows server and IIS and in the windows registry I disable a bunch "weak" protocols and ciphers using IISCrypto.
Daniel Mejia
04/11/2022, 10:22 PMThis is all that I have enabled on my server?
Daniel Mejia
04/11/2022, 10:35 PMThanks chiming in Patrick.
@priyank_adobe I emailed cf.install@adobe.com - hopefully I can get this fixed asap.
Daniel Mejia
04/11/2022, 10:40 PMFWIW, it also works locally from my commandbox servers.
p
Patrick
04/11/2022, 10:59 PMYea this is def a config issue on your actual server if its working otherwise
d
Daniel Mejia
04/11/2022, 11:01 PMCan't be a CF Admin config setting because I have exported those and imported those to my commandbox servers.
Do you mean installation files config?
p
Patrick
04/11/2022, 11:07 PMBasically it seems that your windows server or java is configured to use 1.1 or a non-supported call method thus the 3rd party api is crapping out
👍🏾 1
Patrick
04/11/2022, 11:25 PM@Daniel Mejia also I believe in CFAdmin you can add jvm params; try adding this:
-Dhttps.protocols=TLSv1.2👍🏾 1
d
Daniel Mejia
04/11/2022, 11:53 PMI will try this and restart server tonight
👍🏻 1
Daniel Mejia
04/12/2022, 2:07 PM@Patrick it worked. thank you!
p
Patrick
04/12/2022, 2:09 PMAwesome, no prob!!
3 Views