java - ColdFusion 10 - CFHTTP - Random peer not authenticated on SSL calls (cacerts file updated) -

java - ColdFusion 10 - CFHTTP - Random peer not authenticated on SSL calls (cacerts file updated) -

we have 9 coldfusion 10 servers running version 10,0,13,287689. we've added right certificates cacerts file java version beingness using coldfusion. our cfhttp ssl calls work correctly while, start returning peer not authenticated. not work agian until coldfusion instance recycled @ point work until fail again. there no info in coldfusion-out, coldfusion-error, http, or exception coldfusion logs regarding failure.

in addition, because cfhttp https calls begin failing on 1 coldfusion instance, doesn’t mean fail on other. our coldfusion servers have multiple coldfusion instances bound different websites. such, example, 1 instance may give peer not authenticated, , work correctly, despite both using same java version , cacerts file. again, recycling coldfusion instance isn't working resolve issue , cfhttp phone call no longer fail peer not authenticated.

this issue may related this: coldfusion cfhttp i/o exception: peer not authenticated - after adding certs keystore

however, i've tried steps here no avail, both 1 raymond , 1 peter in comments: http://www.raymondcamden.com/2011/1/12/diagnosing-a-cfhttp-issue--peer-not-authenticated

we've contacted adobe , investigating issue, thought i'd see if else has experienced these random cfhttp ssl failures

adobe back upwards has been absolutely no help. maintain insisting our certificates bad or not have our cacerts file setup correctly (despite fact worked fine on coldfusion 9 , work period of time after coldfusion instance recycled).

i ended working around issue interfacing java.net.url library straight using cfobject. when coldfusion instance begins failing peer not authenticated, using java.net.url still works.

here's snippet of code cffunction tag (which in custom tag) may help else stuck in situation:

<cfset var urlconnection = createobject("java", "java.net.url").init("#arguments.requesturl#").openconnection()> <cfset var inputreader = ""> <cfset var bufferedreader = ""> <cfset urlconnection.setrequestmethod(ucase(arguments.requestmethod))/> <cfset urlconnection.setrequestproperty("user-agent", cgi.http_user_agent)/> <cfif arguments.requestmethod eq "post"> <cfset urlconnection.setrequestproperty("content-type","application/x-www-form-urlencoded")/> <cfset urlconnection.setdooutput(true)/> <cfset outputwriter = createobject("java", "java.io.outputstreamwriter").init(urlconnection.getoutputstream())> <cfset outputwriter.write(arguments.requestdata)/> <cfset outputwriter.close()/> </cfif> <cfif isnull(urlconnection.geterrorstream()) eq true> <cfset inputreader = createobject("java", "java.io.inputstreamreader").init(urlconnection.getinputstream())> <cfelse> <cfset inputreader = createobject("java", "java.io.inputstreamreader").init(urlconnection.geterrorstream())> </cfif> <cfset bufferedreader = createobject("java", "java.io.bufferedreader").init(inputreader)>

java ssl coldfusion coldfusion-10 cfhttp