Status/Resolution/Reason: Closed/Withdrawn/AsDesigned
Reporter/Name(from Bugbase): John Lang / John Lang (John Lang)
Created: 07/15/2016
Components: General Server
Versions: 2016,11.0,10.0
Failure Type: Data Corruption
Found In Build/Fixed In Build: CF11_Final /
Priority/Frequency: Normal / All users will encounter
Locale/System: English / Win 2012 Server x64
Vote Count: 0
Problem Description:
When looking at CGI.CERT_SUBJECT or CGI.CERT_ISSUER variables from ColdFusion, the information is stored in reverse of what it should be. This affects interacting with other applications that rely on certificate strings.
Steps to Reproduce:
Install certificate in your browser & setup web server to accept them. Look at results of CGI variables and compare to Java results when pulled from...
CGI.CERT_ISSUER compared to:
getPageContext().getRequest().getAttribute('javax.servlet.request.X509Certificate')[1].getIssuerDN().toString()
CGI.CERT_SUBJECT compared to:
getPageContext().getRequest().getAttribute('javax.servlet.request.X509Certificate')[1].getSubjectX500Principal().getName()
Actual Result:
From CGI.CERT_SUBJECT variable.. results are like..
C=1, O=2, OU=3, OU=4, OU=5, CN=6
From Java call they are..
CN=6, OU=5, OU=4, OU=3, O=2, C=1
Same happens with CGI.CERT_ISSUER
Expected Result:
Identical to Java calls
Any Workarounds:
I can use the Java calls but they are not intiuative at all. Only found by digging hard onto Stack Overflow and doing a lot of dumps to see what methods were available to me.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4172940
External Customer Info:
External Company:
External Customer Name: John Lang
External Customer Email:
External Test Config: My Hardware and Environment details: Windows Server 2012 R2. Both physical machines and VMs. 64 bitAttachments:
Comments: