I have the following code snippet, which works fine in Adobe CF 9.0.1 - but does not appear to use the clientcert in Lucee (tried both on Lucee 188.8.131.52 on windows, and on 184.108.40.206-RC on Linux.
clientcertpassword="#certifcatepassword#" timeout="15" throwonerror="false">
<cfhttpparam type="header" name="Content-Type" value="text/xml" >
<cfhttpparam type="header" name="SOAPAction" value="http://tempuri.org/TranslateAndExecute" >
<cfhttpparam type="body" value="#variables.soap#">
This is being posted to a system where client certificate authentication is required - and the response I am seeing is 503.0 Forbidden.
On speaking to the supplier, they say that they seeing the request logged as not having a certificate.
Can anyone advise what I might be doing wrong... or at least where to begin diagnosing what lucee is doing? It seems as if the clientcert attribute is being ignored - I've checked that the path exists and is readable... but changing the clientcert value to a non existent path does not change the outcome - no error from lucee... but exactly same request logged and response from destination server...