Hi,
I have the following code snippet, which works fine in Adobe CF 9.0.1 - but does not appear to use the clientcert in Lucee (tried both on Lucee 5.1.3.18 on windows, and on 5.2.2.71-RC on Linux.
<cfhttp url="#webserviceURL#"
method="post"
result="serviceResponse"
clientcert="#certificatepath#"
clientcertpassword="#certifcatepassword#" timeout="15" throwonerror="false">
<cfhttpparam type="header" name="Content-Type" value="text/xml" >
<cfhttpparam type="header" name="SOAPAction" value="http://tempuri.org/TranslateAndExecute" >
<cfhttpparam type="body" value="#variables.soap#">
</cfhttp>
This is being posted to a system where client certificate authentication is required - and the response I am seeing is 503.0 Forbidden.
On speaking to the supplier, they say that they seeing the request logged as not having a certificate.
Can anyone advise what I might be doing wrong… or at least where to begin diagnosing what lucee is doing? It seems as if the clientcert attribute is being ignored - I’ve checked that the path exists and is readable… but changing the clientcert value to a non existent path does not change the outcome - no error from lucee… but exactly same request logged and response from destination server…