Feb 14 2012

Export a digital certificate via the command line (MacOS)

Have you ever tried to capture and/or view the certificate of a website you are connecting to with Safari?

Ever wonder how to export an SSL certificate from a site on the Safari web browser?

It seems quite easy on Internet Explorer and FireFox to perform this task.  However, after many minutes of trying to figure it out it seems, Safari doesn’t contain its own certificate repository, but instead makes use of the certificate infrastructure built into Mac OS X.  You can import/export/view certificates using the Keychain Access utility.

Here’s one method for grabbing a site’s certificate yourself:

  1. Open a Terminal window.
  2.  Enter the following command: openssl s_client -connect someSSLserver.com:443

Make sure to replace ‘someSSLserver.com’ with the actual host you want to connect to. The output in Terminal should contain a block of text that looks like this:

—–BEGIN CERTIFICATE—–
…encoded certificate data
—–END CERTIFICATE—–

There may be more than one of these blocks if more than one certificate is involved. Copy each block (including the BEGIN and END lines) into a file whose name ends in “.pem” (for example, “cert.pem”). Terminal has a “Save Selected Text As…” menu item which works great for this purpose.

Jan 31 2012

Coding Standards… Why you need them!

Recently, I heard an Applications Development Manager say “Why do we need coding standards? We are doing fine without them.”  I was shocked, surprised and amazed at how something like this could come out of the mouth of a person who managed at least 30 developers.  Then, I thought about it, and realized that was a big reason why his developers had so many issues with their development releases.  It was very sad to see that the “leader” of so many developers felt this way.

So, let me tell you why coding standards are important.  Coding standards are sometimes overlooked but a very critical attribute of software development.  I should note that while they may be sometimes overlooked, to say they are not necessary in a development environment is not smart.

Following a consistent coding standard helps improve the quality of the overall web applications being developed. The key to a good coding standard is consistency. This consistency needs to be found within the standard itself (in other words, you need to make sure that guidelines don’t contradict one another) but also within the source code that uses the standard. Completed source code should reflect a harmonized style, as if a single developer wrote the code in one session.

This usually leads to the argument that “writing sloppy code provides job security”. In a way, this is true. If you are the only one that can understand the code (both structurally and functionally) you will be the only one that can make changes and bug fixes to that code. This is what you want, right? That way, you will never be able to leave that product behind to someone else and advance your career.

The more readable source code is, the easier it is for someone to maintain that code. By following a consistent style, it allows other developers to step in and help with maintenance or new development.

By creating source code that is easier for a developer to understand, it becomes easier to find and correct bugs. It also provides a better view of how that code fits within the larger application and, in some cases, the company as a whole. This clearer view leads to the potential for more code reuse, which can have a dramatic affect on cost and development effort.

There is also a mental factor that comes into play when adopting code standards. This factor is the sense of “code ownership”. Code ownership refers to a feeling of pride about the quality of the work done and a desire to see that code perform as expected. The higher the sense of ownership, the better the quality of the code becomes.

This sense of code ownership increases as the application becomes more stable and the code becomes easier to maintain. The higher the sense of ownership, the better the developer feels about their skills. The better the developer feels about their skills, the better the code becomes.

When a developer feels better about themselves and the job they are able to perform, the quality of their work increases. This ends up creating a developer and development team that has a strong sense of ownership of the code and a strong desire to see that application succeed.

By establishing and following a consistent set of code standards, you can foster this sense of ownership and improve the quality of the code being written.

Nov 9 2008

Adding a certificate to the ColdFusion keystore

When trying to connect to an HTTPS site using the cfhttp tag, the tag may produce the error:

Unable to connect to SSL site error

Unable to connect to SSL site error

To use HTTPS with the cfhttp tag, you might need to manually import the certificate for each web server into the keystore for the JRE that ColdFusion uses. This procedure may not be necessary if the certificate is signed (issued) by an authority that the JSSE (Java Secure Sockets Extension) recognizes (for example, Verisign); that is, if the signing authority is in the cacerts already. This procedure should only be necessary if the server URL is not in any of the certificates and they have not expired.

However, you might need to use the procedure if you are issuing SSL (secure sockets layer) certificates yourself.  The instructions below show how to install a certificate into a ColdFusion 8 keystore, multi-server install.

  1. Place the certificate on the ColdFusion server.
  2. Change to the directory {cf_installdirectory}/jre/lib/security
  3. Import the cert (keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias anyalias -file certificatefile)
  4. If the import is successful you will get a confirmation that the certificate was added to the keystore.
  5. Restart coldfusion.

This procedure can also be helpful if scheduled tasks that connect to SSL servers are not running.

May 11 2008

ColdFusion 8 Certification

I took the ColdFusion 8 certification exam today, and I passed it. What i found was, however, that it was a little more in depth than the previous versions of the exams. The previous ColdFusion certification exams had about 1/4 of the questions on general web development and HTML. The Adobe ColdFusion exam had 64 questions which were all ColdFusion related, and they touched on quite a few topics that a typical developer would not use in an everyday development shop.

The exam covered questions covering topics such as:

  • Application Framework (Application.cfc)
  • Handling exceptions
  • Databases
  • XML
  • Code Reuse
  • File management

I believe the test generates random questions so that each test is different. If thats the case, then I am sure more topics were included in the exam.

After taking the exam, I would recommed developers brush up on the new tags and functions included in ColdFusion 8. The cfimage, cfpdf and the cfdocument tags were included in the test questions I received. The were also one or two LDAP questions as well.

Currently there is no study guide for the CF8 certification so you are on your own to find resources to study for this exam. If you have been previously certified in ColdFusion 7 then I think you can probably get through this painlessly by just brushing up on your old skills and learning the new tags and functions.

Mar 22 2008

Installing a CFX tag in ColdFusion 8 Multi-server Configuration

Recently I was asked to install a java CFX tag in the ColdFusion 8 Multi-server Configuration. I figured this would be an easy task, as I had done this many times before in the standalone server configuration. I went into the ColdFusion Administrator and installed the CFX tag as normal. However, when I called the CFX tag from the code I received an error that I had never seen before. The error was 500 com/allaire/cfx/CustomTag.

After trying everything I could think of, I decided to compare the java class paths between the stand alone configuration and the multi-server configuration. I found that the cfx.jar file was missing from the java class path in the multi-server configuration. ColdFusion therefore could not load com.allaire.cfx.CustomTag class. So, I decided to add the cfx.jar file to the java classpath and see if that would solve my error. To add the cfx.jar file to the classpath in the ColdFusion multi-server edition you must follow these steps.

  1. Open the jvm.config file located at {application.home}/bin
  2. Add {application.home}/servers/cfusion/cfusion-ear/cfusion-war/WEB-INF/lib to the section “java.class.path”
  3. Save the jvm.config file
  4. Restart the ColdFusion service.

After restarting the ColdFusion service, login to the CF administrator and go to the settings summary. Confirm that the cfx.jar file is in the java classpath. It was there, and I was able to call the CustomTag from my code.

Hope this helps anyone who runs into the same issue.