Hi All
I have a case where I need to do a https call using a client cert, at first
this did not work at all until I have across the below fix
https://luceeserver.atlassian.net/browse/LDEV-469
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of
TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made no
difference, is there another way to set the TLS version? the pull request
in the above link seems to hard code the version at “TLSv1”
Regards
GX
Upgrade the version of Java to 1.8 seems to be the common answer.
regards
Mark Drew> On 26 Feb 2016, at 07:23, @mailme.gx wrote:
Hi All
I have a case where I need to do a https call using a client cert, at first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta (lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of TLSv1.2 or greater for secure communication with our Real-time Listings Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made no difference, is there another way to set the TLS version? the pull request in the above link seems to hard code the version at “TLSv1”
Regards
GX
You received this message because you are subscribed to the Google Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+unsubscribe@googlegroups.com mailto:lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com mailto:lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout.
Hi Mark
I upgreaded my java version and the results are the same
I ran the following to check the correct java is being used
<cfset sVars.info = CreateObject(“java”,
“java.lang.System”).getProperty(“java.runtime.version”) />
It shows version is definatley 1.8.0_73-b02
Regards
GXOn Friday, 26 February 2016 14:05:34 UTC+2, Mark Drew wrote:
Upgrade the version of Java to 1.8 seems to be the common answer.
regards
Mark Drew
On 26 Feb 2016, at 07:23, mail...@gmail.com <javascript:> wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of
TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made no
difference, is there another way to set the TLS version? the pull request
in the above link seems to hard code the version at “TLSv1”
Regards
GX
You received this message because you are subscribed to the Google Groups
“Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to lucee+un...@googlegroups.com <javascript:>.
To post to this group, send email to lu...@googlegroups.com <javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
This is the
problem: Lucee/HTTPEngine4Impl.java at affb0dd1b9ac87473655a49d4c0fb007559025d5 · lucee/Lucee · GitHub
I’ve created a pull request to fix
this: Added TLSv1.1 and TLSv1.2 for client SSL in CFHTTP by jzuijlek · Pull Request #13 · lucee/Lucee · GitHub
I also have this fix in my local Lucee 4.5 if you’re interested.On Friday, February 26, 2016 at 3:29:14 PM UTC+1, mail...@gmail.com wrote:
another confusing this is the httpclinet library
the lucee 4.5 versions file states tghat
apache-jakarta-commons-httpclient.jar is version 3.0.1
the 5 beta jar filename is
commons-httpclient-3.1.jar
if I search google for “apache-jakarta-commons-httpclient” the first
result is this page: HttpClient - HttpClient Home this hst been
updated since 2011 and has a notice
End of life
The Commons HttpClient project is now end of life, and is no longer being
developed. It has been replaced by the Apache HttpComponents
http://hc.apache.org/ project in its HttpClient
http://hc.apache.org/httpcomponents-client-ga and HttpCore
http://hc.apache.org/httpcomponents-core-ga/ modules, which offer
better performance and more flexibility.
the latest stable is 4.5 - what joy.I was looking for a example on how to
make a request to a https tls1.2 using a pkcs12 cert or a pem and crt file
but most examples dont match the httpclient version they are more up to
date
GX
On Friday, 26 February 2016 15:56:44 UTC+2, mail...@gmail.com wrote:
Hi Mark
I upgreaded my java version and the results are the same
I ran the following to check the correct java is being used
<cfset sVars.info = CreateObject(“java”,
“java.lang.System”).getProperty(“java.runtime.version”) />
It shows version is definatley 1.8.0_73-b02
Regards
GX
On Friday, 26 February 2016 14:05:34 UTC+2, Mark Drew wrote:
Upgrade the version of Java to 1.8 seems to be the common answer.
regards
Mark Drew
On 26 Feb 2016, at 07:23, mail...@gmail.com wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of
TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made
no difference, is there another way to set the TLS version? the pull
request in the above link seems to hard code the version at “TLSv1”
Regards
GX
You received this message because you are subscribed to the Google
Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
Here is a patched 4.5.2.018. Just replace this in your lucee-server/patches
folder and restart Lucee
https://dl.dropboxusercontent.com/u/4767772/4.5.2.018.lcoOn Wednesday, March 2, 2016 at 5:54:11 AM UTC+1, mail...@gmail.com wrote:
Thanks Jonathan, That’s Great
If possible I would like to try either version too see if I can get this
to work because now I am resorting to using command line curl.
GX
On Tuesday, 1 March 2016 19:42:42 UTC+2, Jonathan van Zuijlekom wrote:
This is the problem:
Lucee/HTTPEngine4Impl.java at affb0dd1b9ac87473655a49d4c0fb007559025d5 · lucee/Lucee · GitHub
I’ve created a pull request to fix this:
Added TLSv1.1 and TLSv1.2 for client SSL in CFHTTP by jzuijlek · Pull Request #13 · lucee/Lucee · GitHub
I also have this fix in my local Lucee 4.5 if you’re interested.
On Friday, February 26, 2016 at 3:29:14 PM UTC+1, mail...@gmail.com wrote:
another confusing this is the httpclinet library
the lucee 4.5 versions file states tghat
apache-jakarta-commons-httpclient.jar is version 3.0.1
the 5 beta jar filename is
commons-httpclient-3.1.jar
if I search google for “apache-jakarta-commons-httpclient” the first
result is this page: HttpClient - HttpClient Home this hst been
updated since 2011 and has a notice
End of life
The Commons HttpClient project is now end of life, and is no longer
being developed. It has been replaced by the Apache HttpComponents
http://hc.apache.org/ project in its HttpClient
http://hc.apache.org/httpcomponents-client-ga and HttpCore
http://hc.apache.org/httpcomponents-core-ga/ modules, which offer
better performance and more flexibility.
the latest stable is 4.5 - what joy.I was looking for a example on how
to make a request to a https tls1.2 using a pkcs12 cert or a pem and crt
file but most examples dont match the httpclient version they are more up
to date
GX
On Friday, 26 February 2016 15:56:44 UTC+2, mail...@gmail.com wrote:
Hi Mark
I upgreaded my java version and the results are the same
I ran the following to check the correct java is being used
<cfset sVars.info = CreateObject(“java”,
“java.lang.System”).getProperty(“java.runtime.version”) />
It shows version is definatley 1.8.0_73-b02
Regards
GX
On Friday, 26 February 2016 14:05:34 UTC+2, Mark Drew wrote:
Upgrade the version of Java to 1.8 seems to be the common answer.
regards
Mark Drew
On 26 Feb 2016, at 07:23, mail...@gmail.com wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use
of TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it
made no difference, is there another way to set the TLS version? the pull
request in the above link seems to hard code the version at “TLSv1”
Regards
GX
–
Love Lucee? Become a supporter and be part of the Lucee project today!
You received this message because you are subscribed to the Google
Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
Hi Jonathan
Thanks a ton that worked for me
GXOn Wednesday, 2 March 2016 13:20:19 UTC+2, Jonathan van Zuijlekom wrote:
Here is a patched 4.5.2.018. Just replace this in your
lucee-server/patches folder and restart Lucee
https://dl.dropboxusercontent.com/u/4767772/4.5.2.018.lco
On Wednesday, March 2, 2016 at 5:54:11 AM UTC+1, mail...@gmail.com wrote:
Thanks Jonathan, That’s Great
If possible I would like to try either version too see if I can get this
to work because now I am resorting to using command line curl.
GX
On Tuesday, 1 March 2016 19:42:42 UTC+2, Jonathan van Zuijlekom wrote:
This is the problem:
Lucee/HTTPEngine4Impl.java at affb0dd1b9ac87473655a49d4c0fb007559025d5 · lucee/Lucee · GitHub
I’ve created a pull request to fix this:
Added TLSv1.1 and TLSv1.2 for client SSL in CFHTTP by jzuijlek · Pull Request #13 · lucee/Lucee · GitHub
I also have this fix in my local Lucee 4.5 if you’re interested.
On Friday, February 26, 2016 at 3:29:14 PM UTC+1, mail...@gmail.com wrote:
another confusing this is the httpclinet library
the lucee 4.5 versions file states tghat
apache-jakarta-commons-httpclient.jar is version 3.0.1
the 5 beta jar filename is
commons-httpclient-3.1.jar
if I search google for “apache-jakarta-commons-httpclient” the first
result is this page: HttpClient - HttpClient Home this hst
been updated since 2011 and has a notice
End of life
The Commons HttpClient project is now end of life, and is no longer
being developed. It has been replaced by the Apache HttpComponents
http://hc.apache.org/ project in its HttpClient
http://hc.apache.org/httpcomponents-client-ga and HttpCore
http://hc.apache.org/httpcomponents-core-ga/ modules, which offer
better performance and more flexibility.
the latest stable is 4.5 - what joy.I was looking for a example on how
to make a request to a https tls1.2 using a pkcs12 cert or a pem and crt
file but most examples dont match the httpclient version they are more up
to date
GX
On Friday, 26 February 2016 15:56:44 UTC+2, mail...@gmail.com wrote:
Hi Mark
I upgreaded my java version and the results are the same
I ran the following to check the correct java is being used
<cfset sVars.info = CreateObject(“java”,
“java.lang.System”).getProperty(“java.runtime.version”) />
It shows version is definatley 1.8.0_73-b02
Regards
GX
On Friday, 26 February 2016 14:05:34 UTC+2, Mark Drew wrote:
Upgrade the version of Java to 1.8 seems to be the common answer.
regards
Mark Drew
On 26 Feb 2016, at 07:23, mail...@gmail.com wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use
of TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it
made no difference, is there another way to set the TLS version? the pull
request in the above link seems to hard code the version at “TLSv1”
Regards
GX
You received this message because you are subscribed to the Google
Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it,
send an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
Thanks Jonathan, That’s Great
If possible I would like to try either version too see if I can get this to
work because now I am resorting to using command line curl.
GXOn Tuesday, 1 March 2016 19:42:42 UTC+2, Jonathan van Zuijlekom wrote:
This is the problem:
Lucee/HTTPEngine4Impl.java at affb0dd1b9ac87473655a49d4c0fb007559025d5 · lucee/Lucee · GitHub
I’ve created a pull request to fix this:
Added TLSv1.1 and TLSv1.2 for client SSL in CFHTTP by jzuijlek · Pull Request #13 · lucee/Lucee · GitHub
I also have this fix in my local Lucee 4.5 if you’re interested.
On Friday, February 26, 2016 at 3:29:14 PM UTC+1, mail...@gmail.com wrote:
another confusing this is the httpclinet library
the lucee 4.5 versions file states tghat
apache-jakarta-commons-httpclient.jar is version 3.0.1
the 5 beta jar filename is
commons-httpclient-3.1.jar
if I search google for “apache-jakarta-commons-httpclient” the first
result is this page: HttpClient - HttpClient Home this hst been
updated since 2011 and has a notice
End of life
The Commons HttpClient project is now end of life, and is no longer being
developed. It has been replaced by the Apache HttpComponents
http://hc.apache.org/ project in its HttpClient
http://hc.apache.org/httpcomponents-client-ga and HttpCore
http://hc.apache.org/httpcomponents-core-ga/ modules, which offer
better performance and more flexibility.
the latest stable is 4.5 - what joy.I was looking for a example on how to
make a request to a https tls1.2 using a pkcs12 cert or a pem and crt file
but most examples dont match the httpclient version they are more up to
date
GX
On Friday, 26 February 2016 15:56:44 UTC+2, mail...@gmail.com wrote:
Hi Mark
I upgreaded my java version and the results are the same
I ran the following to check the correct java is being used
<cfset sVars.info = CreateObject(“java”,
“java.lang.System”).getProperty(“java.runtime.version”) />
It shows version is definatley 1.8.0_73-b02
Regards
GX
On Friday, 26 February 2016 14:05:34 UTC+2, Mark Drew wrote:
Upgrade the version of Java to 1.8 seems to be the common answer.
regards
Mark Drew
On 26 Feb 2016, at 07:23, mail...@gmail.com wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of
TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made
no difference, is there another way to set the TLS version? the pull
request in the above link seems to hard code the version at “TLSv1”
Regards
GX
–
Love Lucee? Become a supporter and be part of the Lucee project today!
You received this message because you are subscribed to the Google
Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com
https://groups.google.com/d/msgid/lucee/b9d8c704-24c2-408b-98b3-7f31a85edd44%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
Is this fixed in 4.5.3.018 ?On Friday, 26 February 2016 18:23:39 UTC+11, mail...@gmail.com wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of
TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made no
difference, is there another way to set the TLS version? the pull request
in the above link seems to hard code the version at “TLSv1”
Regards
GX
YesOn Wednesday, June 22, 2016 at 2:59:48 AM UTC+2, Bill Tindal wrote:
Is this fixed in 4.5.3.018 ?
On Friday, 26 February 2016 18:23:39 UTC+11, mail...@gmail.com wrote:
Hi All
I have a case where I need to do a https call using a client cert, at
first this did not work at all until I have across the below fix
[LDEV-469] - Lucee
So I tried the same code on the latest beta
(lucee-express-5.0.0.178-BETA.zip) this helped some however I have an issue
with the tls version, the reply from the remote server is:
{ “error_name” : “outdated_tls”, “error_advice”: “We require the use of
TLSv1.2 or greater for secure communication with our Real-time Listings
Service. Your request used TLSv1” }
I tried adding this to JAVA_OPTS -Dhttps.protocols=TLSv1.2 but it made
no difference, is there another way to set the TLS version? the pull
request in the above link seems to hard code the version at “TLSv1”
Regards
GX