问题描述
我有一个API在我的两个网络服务器之一运行,但不在另一个或我的本地机器上运行,而是当我在登录过程中发送https请求时,得到连接失败。
这些请求非常简单,在运行的三个服务器之一上没有问题。第一个如下:
< cfhttp url =https://accounts.ea.com/connect/auth ?response_type = code& client_id = EASFC-web& state = 59c5a8f1c4e7a991c1da0b54504c38e45f4d8d78& redirect_uri = http%3A%2F%2Fwww.easports.com%2Ffifa%2Ffootball-club%2Flogin_check& locale = uk& scope = basic.identity + basic.persona + signin + offlinemethod =GETresult =Stage2redirect =false>
< cfhttpparam type =headername =Acceptvalue =text / html,application / xhtml + xml,application / xml; q = 0.9,* / *; q = 0.8/>
< cfhttpparam type =headername =Accept-Encodingvalue =gzip,deflate/>
< cfhttpparam type =headername =Accept-Languagevalue =en-US,en; q = 0.5/>
< cfhttpparam type =headername =Connectionvalue =keep-alive/>
< cfhttpparam type =headername =Hostvalue =accounts.ea.com/>
< cfhttpparam type =headername =User-Agentvalue =Mozilla / 5.0(Windows NT 6.2; WOW64)AppleWebKit / 537.36(KHTML,像Gecko)Chrome / 27.0.1453.110 Safari / 537.36 />
< / cfhttp>
我看了一下,这似乎是一个常见的问题,但此修复程序没有提供快乐。
我假设有一些安全设置,我可能忽略?
有人有任何建议吗?
这是CFDUMP中返回的内容:
调试信息
ColdFusion Server Developer 9 ,0,0,251028
模板/CraigTest/FUT/FIFACPB/logInSearchAccount17.cfm
时间戳09-Dec-13 11:40 AM
语言英语(英国)
用户代理Mozilla / 5.0(Windows NT 6.1; WOW64; rv:25.0)Gecko / 20100101 Firefox / 25.0
远程IP 127.0.0.1
主机名127.0.0.1
________________________________________
执行时间
总时间平均时间计数模板
608 ms 608 ms 1 C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\logInSearchAccount17.cfm
5 ms 5 ms 1 CFC [C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\Application.cfc | onRequestStart(/CraigTest/FUT/FIFACPB/logInSearchAccount17.cfm)]从C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\Application.cfc
1 ms 1 ms 1 CFC [C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Player.cfc | init([complex value])] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Player.cfc
0 ms 0 ms 1 CFC [C: \Services \web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Bid.cfc | init([complex value])] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Bid.cfc
0 ms 0 ms 1 CFC [C: \Services \web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Club.cfc | init([complex value])] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Club.cfc
0 ms 0 ms 1 CFC [C: \Services \web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Connect.cfc | init([复数值])]来自C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Connect.cfc
0 ms 0 ms 1 CFC [C: \Services \web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Search.cfc | init([complex value])] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Search.cfc
0 ms 0 ms 1 CFC [C: \Services \web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\doLogin.cfc | init([complex value])] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\doLogin.cfc
4 ms STARTUP,PARSING,COMPILING,LOADING ,& SHUTDOWN
617 ms TOTAL EXECUTION TIME
red =超过250 ms平均执行时间
________________________________________
范围变量
CGI变量:
AUTH_PASSWORD =
AUTH_TYPE =
AUTH_USER =
CERT_COOKIE =
CERT_FLAGS =
CERT_ISSUER =
CERT_KEYSIZE =
CERT_SECRETKEYSIZE =
CERT_SERIALNUMBER =
CERT_SERVER_ISSUER =
CERT_SERVER_SUBJECT =
CERT_SUBJECT =
CF_TEMPLATE_PATH = C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\logInSearchAccount17.cfm
CONTENT_LENGTH =
CONTENT_TYPE =
CONTEXT_PATH =
GATEWAY_INTERFACE =
HTTPS =
HTTPS_KEYSIZE =
HTTPS_SECRETKEYSIZE =
HTTPS_SERVER_ISSUER =
HTTPS_SERVER_SUBJECT =
HTTP_ACCEPT = text / html,application / xhtml + xml,application / xml; q = 0.9,* / *; q = 0.8
HTTP_ACCEPT_ENCODING = gzip,deflate
HTTP_ACCEPT_LANGUAGE = en-US,en; q = 0.5
HTTP_CONNECTION = keep-alive
HTTP_COOKIE = cf_debug_general = block; cf_debug_template_stack = block; CFID = 15108; CFTOKEN = 12249080; CFAUTHORIZATION_cfadmin = YWRtaW4NRTg5NzE2OTdCODczMUI0MDVBM0UxRTZCMjI2N0I1MDA5M0QzQkE4MQ1jZmFkbWlu CFADMIN_LASTPAGE_ADMIN =%2FCFIDE%2Fadministrator%2Fdebugging%2Findex%2Ecfm
HTTP_HOST = 127.0.0.1:8500
HTTP_REFERER =
HTTP_USER_AGENT = Mozilla / 5.0(Windows NT 6.1; WOW64; rv:25.0)Gecko / 20100101 Firefox / 25.0
PATH_INFO =
PATH_TRANSLATED = C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\logInSearchAccount17.cfm
QUERY_STRING = reinit = 1
REMOTE_ADDR = 127.0.0.1
REMOTE_HOST = 127.0.0.1
REMOTE_USER =
REQUEST_METHOD = GET
SCRIPT_NAME = / CraigTest / FUT / FIFACPB / logInSearchAccount17.cfm
SERVER_NAME = 127.0.0.1
SERVER_PORT = 8500
SERVER_PORT_SECURE = 0
SERVER_PROTOCOL = HTTP / 1.1
SERVER_SOFTWARE =
WEB_SERVER_API =
Cookie变量:
CFADMIN_LASTPAGE_ADMIN = / CFIDE /管理员/调试/ index.cfm
CFAUTHORIZATION_cfadmin = YWRtaW4NRTg5NzE2OTdCODczMUI0MDVBM0UxRTZCMjI2N0I1MDA5M0QzQkE4MQ1jZmFkbWlu
CFID = 15108
CFTOKEN = 12249080
cf_debug_general =块
cf_debug_template_stack =块
会话变量:
biddingaccountloggedin = 0
biddingaccountloginattempts = 0
cfid = 15108
cftoken = 12249080
mainaccountloggedin = 0
mainaccountloginattempts = 0
pricingaccountloggedin = 0
pricingaccountloginattempts = 0
searchaccount10loggedin = 0
searchaccount10loginattempts = 0
searchaccount11loggedin = 0
searchaccount11loginattempts = 0
searchaccount12loggedin = 0
searchaccount12loginattempts = 0
searchaccount13loggedin = 0
searchaccount13loginattempts = 0
searchaccount14loggedin = 0
searchaccount14loginattempts = 0
searchaccount15loggedin = 0
searchaccount15loginattempts = 0
searchaccount16loggedin = 0
searchaccount16loginattempts = 0
searchaccount17gamertag = ZappyShrimp8
searchaccount17loggedin = 0
searchaccount17loginattempts = 0
searchaccount18loggedin = 0
searchaccount18loginattempts = 0
searchaccount19loggedin = 0
searchaccount19loginattempts = 0
searchaccount1loggedin = 0
searchaccount1loginattempts = 0
searchaccount20loggedin = 0
searchaccount20loginattempts = 0
searchaccount21loggedin = 0
searchaccount21loginattempts = 0
searchaccount22loggedin = 0
searchaccount22loginattempts = 0
searchaccount23loggedin = 0
searchaccount23loginattempts = 0
searchaccount24loggedin = 0
searchaccount24loginattempts = 0
searchaccount25loggedin = 0
searchaccount25loginattempts = 0
searchaccount26loggedin = 0
searchaccount26loginattempts = 0
searchaccount27loggedin = 0
searchaccount27loginattempts = 0
searchaccount28loggedin = 0
searchaccount28loginattempts = 0
searchaccount29loggedin = 0
searchaccount29loginattempts = 0
searchaccount2loggedin = 0
searchaccount2loginattempts = 0
searchaccount30loggedin = 0
searchaccount30loginattempts = 0
searchaccount3loggedin = 0
searchaccount3loginattempts = 0
searchaccount4loggedin = 0
searchaccount4loginattempts = 0
searchaccount5loggedin = 0
searchaccount5loginattempts = 0
searchaccount6loggedin = 0
searchaccount6loginattempts = 0
searchaccount8loggedin = 0
searchaccount8loginattempts = 0
sessionid = FIFAAUTOBUYER_15108_12249080
urltoken = CFID = 15108& CFTOKEN = 12249080
网址参数:
reinit = 1
调试渲染时间:21 ms
CFDUMP STAGE2:
struct
Charset [空字符串]
ErrorDetail I / O异常:peer未通过身份验证
Filecontent连接失败
头文件]
Mimetype无法确定文件的MIME类型。
Responseheader
struct [empty]
状态码连接失败。状态代码不可用。
文本YES
code> cfhttp 通过SSL(https)连接,则ColdFusion服务器肯定需要安装证书才能成功连接。以下是我对类似问题的上一个回答:
以下是为了将证书安装到ColdFusion的Java密钥库而需要执行的步骤。首先,请确保您正在更新ColdFusion正在使用的正确的cacerts文件。如果您在该服务器上安装了多个JRE。您可以验证JRE ColdFusion正在从系统信息下的管理员使用。查找Java Home行。
需要先获得证书的副本。这可以通过使用Internet Explorer来完成。请注意,不同版本的Internet Explorer会稍有不同,但应与这些步骤非常相似。例如,早期版本的IE可能会将证书保存在与我提到的不同的标签下。
- 浏览到SSL网址在Internet Explorer中 - https://xyz/infoLookup.php?wsdl 。
- 锁定图标并点击查看证书
- 然后点击安装证书...按钮(注意:如果没有看到此按钮,必须关闭IE并以管理员身份运行)
- 点击IE的互联网选项并点击内容标签
- 点击证书按钮
- 选择该证书并点击导出...按钮
- 使用DER格式导出
将导出的证书文件复制到ColdFusion服务器(如果需要,可以从IE中删除证书)
- 在ColdFusion服务器上以管理员身份运行 cmd
- 备份原始cacerts文件以防遇到问题
-
要安装证书:
- 将目录更改为您的信任库
- 输入此命令(使用当前jvm并使用当前jvm的keytool)c:\program files\java\\ \\ jre7 \bin\keytool-import -v -alias your_cert_alias_name -file C:\wherever_you_saved_the_file\cert_file.cer -keystore cacerts -storepass changeit
- 在提示符下输入yes以信任此证书?
注意:* your_cert_alias_name *
注意:* C:\wherever_you_saved_the_file\cert_file.cer *将这些值更改为用于服务器文件夹和证书文件名的任何值
要验证证书:
- 键入此命令(使用当前jvm并使用当前jvm的keytool)c: \program files\java\jre7\bin\keytool-list -v -keystore cacerts -alias your_cert_alias_name -storepass changeit
注意:* your_cert_alias_name *使用上面用于安装证书的相同名称
重新启动ColdFusion服务
如果您愿意,您可以从服务器中删除导入的证书文件。
I have an API that runs fine on one of my two web servers but not on the other one or on my local machine, instead I get a connection failure when I send https requests as part the login process.
The requests are very simple and works without a problem on one of the three servers it is being run on. The first one is as follows:
<cfhttp url="https://accounts.ea.com/connect/auth?response_type=code&client_id=EASFC-web&state=59c5a8f1c4e7a991c1da0b54504c38e45f4d8d78&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Ffootball-club%2Flogin_check&locale=uk&scope=basic.identity+basic.persona+signin+offline " method="GET" result="Stage2" redirect="false"> <cfhttpparam type="header" name="Accept" value="text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" /> <cfhttpparam type="header" name="Accept-Encoding" value="gzip, deflate" /> <cfhttpparam type="header" name="Accept-Language" value="en-US, en;q=0.5" /> <cfhttpparam type="header" name="Connection" value="keep-alive" /> <cfhttpparam type="header" name="Host" value="accounts.ea.com" /> <cfhttpparam type="header" name="User-Agent" value="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.110 Safari/537.36" /> </cfhttp>
I've had a look and this seems to be a common issue but this fix provided no joy.
I'm assuming there's some security setting that I am perhaps overlooking? I'm able to hit the page and login within the browser on my local machine if that helps.
Does anyone have any advice?
This is what is returned in a CFDUMP:
Debugging Information ColdFusion Server Developer 9,0,0,251028 Template /CraigTest/FUT/FIFACPB/logInSearchAccount17.cfm Time Stamp 09-Dec-13 11:40 AM Locale English (UK) User Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 Remote IP 127.0.0.1 Host Name 127.0.0.1 ________________________________________ Execution Time Total Time Avg Time Count Template 608 ms 608 ms 1 C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\logInSearchAccount17.cfm 5 ms 5 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\Application.cfc | onRequestStart(/CraigTest/FUT/FIFACPB/logInSearchAccount17.cfm) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\Application.cfc 1 ms 1 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Player.cfc | init([complex value]) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Player.cfc 0 ms 0 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Bid.cfc | init([complex value]) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Bid.cfc 0 ms 0 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Club.cfc | init([complex value]) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Club.cfc 0 ms 0 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Connect.cfc | init([complex value]) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Connect.cfc 0 ms 0 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Search.cfc | init([complex value]) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\Search.cfc 0 ms 0 ms 1 CFC[ C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\doLogin.cfc | init([complex value]) ] from C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\cfcs\doLogin.cfc 4 ms STARTUP, PARSING, COMPILING, LOADING, & SHUTDOWN 617 ms TOTAL EXECUTION TIME red = over 250 ms average execution time ________________________________________ Scope Variables CGI Variables: AUTH_PASSWORD= AUTH_TYPE= AUTH_USER= CERT_COOKIE= CERT_FLAGS= CERT_ISSUER= CERT_KEYSIZE= CERT_SECRETKEYSIZE= CERT_SERIALNUMBER= CERT_SERVER_ISSUER= CERT_SERVER_SUBJECT= CERT_SUBJECT= CF_TEMPLATE_PATH=C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\logInSearchAccount17.cfm CONTENT_LENGTH= CONTENT_TYPE= CONTEXT_PATH= GATEWAY_INTERFACE= HTTPS= HTTPS_KEYSIZE= HTTPS_SECRETKEYSIZE= HTTPS_SERVER_ISSUER= HTTPS_SERVER_SUBJECT= HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 HTTP_ACCEPT_ENCODING=gzip, deflate HTTP_ACCEPT_LANGUAGE=en-US,en;q=0.5 HTTP_CONNECTION=keep-alive HTTP_COOKIE=cf_debug_general=block; cf_debug_template_stack=block; CFID=15108; CFTOKEN=12249080; CFAUTHORIZATION_cfadmin=YWRtaW4NRTg5NzE2OTdCODczMUI0MDVBM0UxRTZCMjI2N0I1MDA5M0QzQkE4MQ1jZmFkbWlu; CFADMIN_LASTPAGE_ADMIN=%2FCFIDE%2Fadministrator%2Fdebugging%2Findex%2Ecfm HTTP_HOST=127.0.0.1:8500 HTTP_REFERER= HTTP_USER_AGENT=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 PATH_INFO= PATH_TRANSLATED=C:\Services\web\wwwroot\CraigTest\FUT\FIFACPB\logInSearchAccount17.cfm QUERY_STRING=reinit=1 REMOTE_ADDR=127.0.0.1 REMOTE_HOST=127.0.0.1 REMOTE_USER= REQUEST_METHOD=GET SCRIPT_NAME=/CraigTest/FUT/FIFACPB/logInSearchAccount17.cfm SERVER_NAME=127.0.0.1 SERVER_PORT=8500 SERVER_PORT_SECURE=0 SERVER_PROTOCOL=HTTP/1.1 SERVER_SOFTWARE= WEB_SERVER_API= Cookie Variables: CFADMIN_LASTPAGE_ADMIN=/CFIDE/administrator/debugging/index.cfm CFAUTHORIZATION_cfadmin=YWRtaW4NRTg5NzE2OTdCODczMUI0MDVBM0UxRTZCMjI2N0I1MDA5M0QzQkE4MQ1jZmFkbWlu CFID=15108 CFTOKEN=12249080 cf_debug_general=block cf_debug_template_stack=block Session Variables: biddingaccountloggedin=0 biddingaccountloginattempts=0 cfid=15108 cftoken=12249080 mainaccountloggedin=0 mainaccountloginattempts=0 pricingaccountloggedin=0 pricingaccountloginattempts=0 searchaccount10loggedin=0 searchaccount10loginattempts=0 searchaccount11loggedin=0 searchaccount11loginattempts=0 searchaccount12loggedin=0 searchaccount12loginattempts=0 searchaccount13loggedin=0 searchaccount13loginattempts=0 searchaccount14loggedin=0 searchaccount14loginattempts=0 searchaccount15loggedin=0 searchaccount15loginattempts=0 searchaccount16loggedin=0 searchaccount16loginattempts=0 searchaccount17gamertag=ZappyShrimp8 searchaccount17loggedin=0 searchaccount17loginattempts=0 searchaccount18loggedin=0 searchaccount18loginattempts=0 searchaccount19loggedin=0 searchaccount19loginattempts=0 searchaccount1loggedin=0 searchaccount1loginattempts=0 searchaccount20loggedin=0 searchaccount20loginattempts=0 searchaccount21loggedin=0 searchaccount21loginattempts=0 searchaccount22loggedin=0 searchaccount22loginattempts=0 searchaccount23loggedin=0 searchaccount23loginattempts=0 searchaccount24loggedin=0 searchaccount24loginattempts=0 searchaccount25loggedin=0 searchaccount25loginattempts=0 searchaccount26loggedin=0 searchaccount26loginattempts=0 searchaccount27loggedin=0 searchaccount27loginattempts=0 searchaccount28loggedin=0 searchaccount28loginattempts=0 searchaccount29loggedin=0 searchaccount29loginattempts=0 searchaccount2loggedin=0 searchaccount2loginattempts=0 searchaccount30loggedin=0 searchaccount30loginattempts=0 searchaccount3loggedin=0 searchaccount3loginattempts=0 searchaccount4loggedin=0 searchaccount4loginattempts=0 searchaccount5loggedin=0 searchaccount5loginattempts=0 searchaccount6loggedin=0 searchaccount6loginattempts=0 searchaccount8loggedin=0 searchaccount8loginattempts=0 sessionid=FIFAAUTOBUYER_15108_12249080 urltoken=CFID=15108&CFTOKEN=12249080 URL Parameters: reinit=1 Debug Rendering Time: 21 ms
CFDUMP STAGE2:
struct Charset [empty string] ErrorDetail I/O Exception: peer not authenticated Filecontent Connection Failure Header [empty string] Mimetype Unable to determine MIME type of file. Responseheader struct [empty] Statuscode Connection Failure. Status code unavailable. Text YES
If you are using cfhttp to connect via SSL (https) then the ColdFusion server definitely needs the certificate installed to successfully connect. Here is a previous answer that I gave on a similar issue:
Here are the steps you need to perform in order to install the certificate to the Java keystore for ColdFusion. First, be sure you are updating the correct cacerts file that ColdFusion is using. In case you have more than one JRE installed on that server. You can verify the JRE ColdFusion is using from the administrator under the 'System Information'. Look for the Java Home line.
In order to install the certificate you need to first get a copy of the certificate. This can be done by using Internet Explorer. Note that different versions of Internet Explorer will behave slightly differently but should be very similar to these steps. For example, earlier versions of IE might save the certificate under a different tab than I mention.
- Browse to the SSL URL in Internet Explorer - https://xyz/infoLookup.php?wsdl.
- View the certificate by clicking on the lock icon and clicking view certificate
- Then click the Install Certificate... button (note: if you do not see this button you must close IE and run it as administrator first)
- Click on IE's Internet Options and click the Content tab
- Click the Certificates button
- Find the server's certificate under the Intermediate Certification Authorities tab, select the cert and click the Export... button
- Export using DER format
Copy the exported certificate file to your ColdFusion server (you can delete the cert from IE if you want)
- Run cmd prompt as administrator on the ColdFusion server
- Make a backup of the original cacerts file in case you run into issues
To install the cert:
- Change directory to your truststore's location (where the cacerts file is located)
- Type this command (use current jvm and use current jvm's keytool) "c:\program files\java\jre7\bin\keytool" -import -v -alias your_cert_alias_name -file C:\wherever_you_saved_the_file\cert_file.cer -keystore cacerts -storepass changeit
- Type yes at the prompt to "Trust this certificate?"
Note: *your_cert_alias_name* I used above can be whatever you want
Note: *C:\wherever_you_saved_the_file\cert_file.cer* change these values to whatever you use for the server folder and certificate file name
To verify the cert:
- Type this command (use current jvm and use current jvm's keytool) "c:\program files\java\jre7\bin\keytool" -list -v -keystore cacerts -alias your_cert_alias_name -storepass changeit
Note: *your_cert_alias_name* use the same name here that you used above to install the cert
Restart the ColdFusion service It will not read the updated cacerts file until you do this.
You can delete the imported certificate file from the server if you wish.
这篇关于ColdFusion https连接失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!