Help me configure ColdFusion MX 7 to connect to LDAPS

I need to replace two web servers with IIS 6 and ColdFusion MX Enterprise, but I’m having trouble connecting to LDAPS with the replacement servers. I followed the instructions at http://kb2.adobe.com/cps/191/tn_19139.html to no avail. I know that it isn’t a coding problem, as the same test page works in production.

Here are the steps I have taken:

  • Updated ColdFusion to 7,0,2,142559
  • Installed Hotfix 3 cumulative (chf7020003.jar)
  • Installed j2sdk1.4.2_11, which is the same version as is currently running in production
  • Configured ColdFusion to use this JVM (C:\j2sdk1.4.2_11\jre)
  • Imported the same CA cert as is in production to the cacerts store under C:\j2sdk1.4.2_11\jre\lib\security\cacerts
  • Ran this ColdFusion page to test the connection (works fine in production)

    <cftry>
        <cfldap action="QUERY"
            name="initialbind"
            attributes="dn"
            start="dc=company,dc=com"
            scope="Subtree"
            server="ldapauthnz.company.com"
            username="uid=user,ou=accounts,dc=company,dc=com"
            password="password1"
            secure="CFSSL_BASIC"
            timeout="5"
            port="636"
        >
        LDAPS is Working
        <cfcatch>
            LDAPS is not working
        </cfcatch>
    </cftry>
  • I can telnet to the LDAPS server successfully, so it is not a firewall problem

I’m not sure what other details would be useful for me to provide, please let me know.


ETA:

I got in touch with the LDAP admin to see if he could send me any log excerpts. He said that the logging was fairly useless, but pointed me to an updated cert. I installed the new cert and things are working now. Not sure why production works with the old cert and the new server doesn’t, but things are working now. Thank you Terry and squillman for your help.

Answer

My first thought would be a certificate problem when trying to establish the SSL connection. Do you see any connection attempts from the CF server in the LDAP server log? If so, what do they say?
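
One way to test that certificate hypothesis outside ColdFusion, as an added example that is not part of the original thread: it performs the TLS handshake against the LDAPS port using the JVM's cacerts file and prints the chain the server presents, so a missing or outdated CA entry shows up directly. The class name `LdapsTrustCheck` is hypothetical and the `changeit` store password (the JDK default) is an assumption; host, port and store path default to the question's values, and the code sticks to Java 1.4 syntax so it also compiles on the question's JVM.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.*;
import javax.net.ssl.*;

// Added diagnostic, not from the original post. Tests chain trust only (a raw
// SSLSocket does no hostname check). "changeit" = stock cacerts password (assumption).
public class LdapsTrustCheck {
    // Records the chain the server presents, then defers to the real trust manager.
    static class Recorder implements X509TrustManager {
        final X509TrustManager delegate;
        X509Certificate[] chain;
        Recorder(X509TrustManager d) { delegate = d; }
        public void checkServerTrusted(X509Certificate[] c, String authType) throws CertificateException {
            chain = c;
            delegate.checkServerTrusted(c, authType);
        }
        public void checkClientTrusted(X509Certificate[] c, String authType) throws CertificateException {
            delegate.checkClientTrusted(c, authType);
        }
        public X509Certificate[] getAcceptedIssuers() { return delegate.getAcceptedIssuers(); }
    }
    public static void main(String[] args) throws Exception {
        String host = args.length > 0 ? args[0] : "ldapauthnz.company.com";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 636;
        String store = args.length > 2 ? args[2] : "C:\\j2sdk1.4.2_11\\jre\\lib\\security\\cacerts";
        KeyStore ks = KeyStore.getInstance("JKS");
        FileInputStream in = new FileInputStream(store);
        try { ks.load(in, "changeit".toCharArray()); } finally { in.close(); }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        Recorder rec = new Recorder((X509TrustManager) tmf.getTrustManagers()[0]);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { rec }, null);
        SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        s.setSoTimeout(5000);
        try {
            s.startHandshake();
            System.out.println("TRUSTED: handshake succeeded using " + store);
        } catch (SSLException e) {
            System.out.println("FAILED: " + e);
        } finally {
            s.close();
        }
        for (int i = 0; rec.chain != null && i < rec.chain.length; i++)
            System.out.println("[" + i + "] subject=" + rec.chain[i].getSubjectX500Principal().getName()
                    + " | issuer=" + rec.chain[i].getIssuerX500Principal().getName()
                    + " | notAfter=" + rec.chain[i].getNotAfter());
    }
}
```

Run it with the same JVM ColdFusion is configured to use; a `FAILED` line together with the printed issuer tells you which CA certificate the truststore is missing or holds in an outdated form.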

Attribution
Source: Link, Question Author: JamesCW, Answer Author: squillman