tracker issue : CF-4118394

Title:

CF2016: cfhttp - use of buggy 4.4.1 http components (hostname verification fails when it shouldn't)


Status/Resolution/Reason: Closed/Withdrawn/Duplicate

Reporter/Name(from Bugbase): Ryan Potter / Ryan Potter (Ryan Potter)

Created: 02/16/2016

Components: Net Protocols, HTTP

Versions: 11.0

Failure Type: Usability Issue

Found In Build/Fixed In Build: CF11_Final /

Priority/Frequency: Major / All users will encounter

Locale/System: ALL / Windows 10 64 bit

Vote Count: 2

Duplicate ID:	CF-4118754

Problem Description:
After installing 2016, cfhttp calls to https://www.googleapis.com no longer worked, returning this error: "Host name 'www.googleapis.com' does not match the certificate subject provided by the peer (CN=*.storage.googleapis.com, O=Google Inc, L=Mountain View, ST=California, C=US)"

Looks like there is an error in 4.4 which CF2016 now uses: https://issues.apache.org/jira/browse/HTTPCLIENT-1613


Any Workarounds:
I replaced the following 4.4.1 jar files (found in C:\ColdFusion2016\cfusion\lib) with the 5.5 jar files from https://repo1.maven.org/maven2/org/apache/httpcomponents/
httpclient-4.4.1.jar
httpclient-cache-4.4.1.jar
httpcore-4.4.1.jar
httpmime-4.4.1.jar

Restarted cf, it worked. No idea if I needed to replace all of them, but I did.
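
A check for telling a verifier regression like the one reported above from a genuine certificate mismatch (an added example, not part of the original report and not ColdFusion or HttpClient code): it applies RFC 6125 matching, where dNSName subjectAltName entries take precedence over the subject CN quoted in the error, to a certificate in the dict layout returned by Python's `ssl.SSLSocket.getpeercert()`. The `SAMPLE_CERT` values, including the `*.googleapis.com` SAN entry, are constructed for illustration.

```python
# Added example: RFC 6125-style host matching over the dict layout returned by
# ssl.SSLSocket.getpeercert(). SAMPLE_CERT is constructed, not a captured certificate.

SAMPLE_CERT = {
    "subject": ((("countryName", "US"),), (("commonName", "*.storage.googleapis.com"),)),
    "subjectAltName": (
        ("DNS", "*.storage.googleapis.com"),
        ("DNS", "*.googleapis.com"),  # assumed SAN entry, for illustration only
    ),
}


def label_match(pattern: str, host: str) -> bool:
    """Match one DNS name; '*' may only stand for the entire leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard never spans more than one label
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]  # reject bare '*.com'
    return p == h


def diagnose(cert: dict, host: str) -> dict:
    """Report which SAN/CN entries match and whether the cert is valid for host."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    san_hits = [s for s in sans if label_match(s, host)]
    cn_hits = [c for c in cns if label_match(c, host)]
    # RFC 6125: when dNSName SANs exist they alone decide; CN is only a fallback.
    valid = bool(san_hits) if sans else bool(cn_hits)
    if valid and not cn_hits:
        verdict = "certificate is valid for host; a CN-based error points at the client"
    elif valid:
        verdict = "certificate is valid for host"
    else:
        verdict = "genuine mismatch; do not bypass verification"
    return {"valid": valid, "san_hits": san_hits, "cn_hits": cn_hits, "verdict": verdict}


if __name__ == "__main__":
    for name in ("www.googleapis.com", "www.example.org"):
        print(name, diagnose(SAMPLE_CERT, name))
```

To run it against a live endpoint, pass the dict from `getpeercert()` on a verified connection in place of `SAMPLE_CERT`.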

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4118394

External Customer Info:
External Company:  
External Customer Name: Ryan Potter
External Customer Email:

Attachments:

Comments:

This worked in CF11
Comment by External U.
4754 | February 16, 2016 10:02:08 PM GMT
CFHTTP is extremely CRITICAL as we saw with forcing the full upgrade of CFHTTP in ColdFusion 10. This needs to be resolved.
Vote by External U.
4755 | February 19, 2016 01:36:12 PM GMT