Https & lucee 4.5.3.005

Ivan · February 12, 2016, 5:24pm

Hello to all,
today I upgraded from version 4.5.3.002 to 4.5.3.005 and does not work me
the https calls. I use the cfmailgun component:

and that makes a https call, but it gives me back error:

MailGun response body: [Connection Failure]

I opened a ticket with mailgun. For them it’s all ok.

is a problem of the latest Lucee updates?

Ivan · February 12, 2016, 5:51pm

error:

Ivan · February 12, 2016, 5:36pm

I tried from the terminal server and it works:

  curl -s --user 'api:YOUR_API_KEY' \
    https://api.mailgun.net/v3/YOUR_DOMAIN_NAME/messages \
    -F from='Excited User <mailgun@YOUR_DOMAIN_NAME>' \
    -F to=YOU@YOUR_DOMAIN_NAME \
    -F to=bar@example.com \
    -F subject='Hello' \
    -F text='Testing some Mailgun awesomness!'

I tried to remove the latest patches. Back to Lucee version 4.5.3.002.
But it does not work!

Ivan · February 12, 2016, 6:01pm

I did a test like that and it works…

<cfhttp method="get" url="https://en.wikipedia.org/wiki/Lucee" 
resolveurl="yes"> 

<cfoutput>
#cfhttp.FileContent#
</cfoutput>

I do not know what else I can try …

Ivan · February 13, 2016, 5:53pm

I’m trying to debug… This is the most specific error:

Unexpected mailgun response. Expected a validate object (structure) but 
received: [{"charset":"","text":true,"errordetail":"Unknown host: 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target","filecontent":"Connection 
Failure","responseheader":{},"header":"","statuscode":"Connection Failure. 
Status code unavailable.","mimetype":"Unable to determine MIME type of 
file."}]

Allen_Weng · February 13, 2016, 1:33pm

Hi, Ivan

I don’t know cfmailgun, but can you please try to downgrade your httpclient
related jars to be version 4.3? (you might have the latest, version 4.5)
we had other cfhttp issue with lucee and those version 4.3 jars was the
only solution we found… please see

https://luceeserver.atlassian.net/browse/LDEV-669

you can download version 4.3 @
http://archive.apache.org/dist/httpcomponents/httpclient/binary/httpcomponents-client-4.3.6-bin.zip

unzip this file, rename

httpclient-4.3.6.jar
httpcore-4.3.3.jar
httpmime-4.3.6.jar

to

apache-commons-httpclient.jar
apache-commons-httpcore.jar
apache-commons-httpmime.jar

backup those original 3 jars from your Lucee ‘lib’ folder to other
directory outside Lucee lib…
stop Lucee, then replace the jars files with version 4.3 in the Lucee lib
folder.
restart Lucee and try cfmailgun again

if it is still not working, roll back to the jars you backup…

hope this helps…

Ivan · February 13, 2016, 5:44pm

Hello,
The component httpclient I updated in December 2015 when I did the clean
install of Lucee (I also updated sun-mail.jar). Today, for safety, I
updated again httpclient to 4.5.1 version. The problem is not solved.

I have a 1.8.0_66 Java version.

Ivan · February 15, 2016, 12:01pm

@Allen Weng: I tried to do a downgrade to 4.3.6 version of the component
but the situation has not changed.
@Dominic Watson: ok!

establishmindfulness · October 31, 2017, 8:07am

@dom_watson you are an absolute legend.

I have spent 8 hours trying to get this to work.

I will just explain my issue, in case others require guidance in future:

I have just installed an intermediate & primary SSL certificate on my VPS. Everything was working well, except when I make a cfhttp call:

<cfhttp url="https://advert.establishmindfulness.com/ad-zone-1/?categoryid=1" method="get" result="adzone" />
<cfdump var="#adzone#" />

From https://app.establishmindfulness.com to https://advert.establishmindfulness.com. These 2 subdomains are on the same server, and I am using a wildcard SSL certificate:

*.establishmindfulness.com

That covers all sub domains.

VPS environment

OS: Windows 2008R2 with IIS7
Application server: Lucee 4.5.2.018 final
Servlet Container: Apache Tomcat/8.0.28
Java: 1.8.0_66 (Oracle Corporation) 64bit

I tried just installing the certificate.cer that I grabbed from Internet Explorer, but maybe this is the wrong approach?

I still got the error:

Error Detail:

Unknown host: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

And then I read your genius answer, and now everything works.
By the way, I love the Lucee Admin section: “Services - SSL Certificates”
It makes installing certificates a breeze. Goodbye keytool.exe!

Thanks once again Dominic!

Dominic_Watson · October 31, 2017, 9:03am

Glad that you solved it I expect my answer was basically derived from someone else’s hard work and expertise but I’ll take the credit

However, my answer isn’t listed here… might be helpful if it could be referenced somewhere if it is useful - @modius any ideas?

modius · October 31, 2017, 9:15am

I recovered the last post from a late post to the google-group; perhaps the original thread got split in the migration and your original answer is somewhere else in the archive?

Charlesr · October 31, 2017, 9:22am

Dominic. I have added this answer & a reference to your original solution, to a StackOverflow question that I created, a few months ago. So hopefully, this will now reach a wider audience.