0

I'm using ColdFusion but the sample code we have is written in PHP.

We need to do the integration with a 3rd party system which requires us to include the SSL certificate as well as SSL Key.

I tried to search around, but could not find any solution. Has anyone come across this issue before?

The following is the sample code we received from our partner but written in PHP. Appreciate if anyone has the solution to convert it to ColdFusion CFHTTP

$header   = array();
$header[] = "Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; 
$header[] = "Cache-Control: max-age=0"; 
$header[] = "Connection: keep-alive"; 
$header[] = "Keep-Alive:timeout=5, max=100"; 
$header[] = "Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3"; 
$header[] = "Accept-Language:es-ES,es;q=0.8"; 
$header[] = "Pragma: "; 
$header[] = "X_ENTITY_KEY: " . $entity_key; 

$tuCurl = curl_init();
   curl_setopt($tuCurl, CURLOPT_URL, $url);
   curl_setopt($tuCurl, CURLOPT_PORT , 443);
   curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
   curl_setopt($tuCurl, CURLOPT_HTTPHEADER, $header);
   curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0);
   curl_setopt($tuCurl, CURLOPT_SSL_VERIFYHOST, 0);
   curl_setopt($tuCurl, CURLOPT_SSLCERT, $path . '/api/file.pem');
   curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
   curl_setopt($tuCurl, CURLOPT_SSLKEY, $path . '/api/file.key');

echo $exec = curl_exec($tuCurl);

curl_close($tuCurl);
$data = json_decode($exec, TRUE);
Miguel-F
  • 13,042
  • 5
  • 33
  • 55
david_cheong
  • 1
  • 2
    What error are you getting in CF? Please post CF code snippet and error details. – andrewdixon Feb 11 '15 at 10:59
  • 1
    To point you in the right direction, the ColdFusion equivalent of Curl is `cfhttp`, you should probably start with that then come back and let us know where it's going wrong. – Jarede Feb 11 '15 at 14:36
  • 1
    And in order for the `cfhttp` call to use the SSL certificate you will need to import the certificate into the Java keystore that ColdFusion is using. See steps here http://stackoverflow.com/a/20475763/1636917 – Miguel-F Feb 11 '15 at 15:18
  • I check on CFHTTP help in adobe website, there is no option for us to set the CURLOPT_SSLKEY, I only can found the clientCert and clientCertPassword attribute option only. for my understanding clientCert should be equal to CURLOPT_SSLCERT but the the clientCertPassword is just a string data type that use to decrypt the client cert. Our problem is that the 3th party require us to attach the keyfile when calling to their API. – david_cheong Feb 12 '15 at 01:46

0 Answers0