http error saying unable to make an https connection

Question

I have this Java code but when i run it, it says the https connection cannot be made to https

something is wrong in this i am trying to use this because of webdav functionality

try{
    socket.init(this.host, this.port);
}
catch(Object e){
    return { error="Could not connect to host." };
}

if( socket.isConnected() ){


    // send a request
    output = createObject("java", "java.io.PrintWriter").init(socket.getOutputStream());
    output.println(arguments.method & " " & this.path & arguments.appendUrl & " HTTP/1.1");
    output.println("Authorization: Basic "& ToBase64(this.username &":"& this.password) );
    output.println("Host: "& this.host &":"& this.port );

    if(isDefined("arguments.headers")){
        for(i=1; i lte ArrayLen(arguments.headers); i++){
            output.println(arguments.headers[i].name &": "& arguments.headers[i].value);
        }
    }

    output.println("Content-Type: "& arguments.contentType );
    output.println("User-Agent: "& this.userAgent);
    output.println("Content-Length: "& Len(arguments.data) );
    output.println("Connection: close" );
    output.println();
    output.println(arguments.data);
    output.flush();

                
                            

                // read back the response
                input = createObject( "java", "java.io.BufferedReader").init(createObject( "java", "java.io.InputStreamReader").init(socket.getInputStream()) );
                
                while(true){
                    line = input.readLine();
                    if(not isDefined('line') or line eq -1)
                        break;
                    result.raw &= line & newLine;
                }

                output.close();
                input.close();
                socket.close();

even for https, i dump the socket and it returns me true and after that it just fails with an error code, i tried it on lucee but unable to make it work

the port i am passing is 443

any guidance

HTTP/1.1 400 Bad Request Server: ZGS Date: Sun, 24 Apr 2022 13:05:20 GMT Content-Type: text/html Content-Length: 220 Connection: close <html> <head><title>400 The plain HTTP request was sent to HTTPS port</title></head> <body> <center><h1>400 Bad Request</h1></center> <center>The plain HTTP request was sent to HTTPS port</center> </body> </html>

and if i pass port 80, i get `301 moved permanently ` – simone Apr 24 '22 at 13:08 — simone, Apr 24 '22 at 13:08

Stephen C · Answer 1 · 2022-04-24T13:52:59.540

2

There are a few problems. But they can be summed up as follows:

Don't attempt to use a Socket to talk to an HTTP / HTTPS server.

A modern Java SE class library includes a perfectly serviceable HTTP client class that can handle all of the intricacies of talking to an HTTP 1.0, 1.1, 2.0, etc server. Use it. Or use a 3rd party client library if you prefer.

This will solve most, if not all of your problems. And a whole bunch more problems that you might encounter.

Now to the specifics:

When you connect to an HTTPS server (on port 433), you need to establish an SSL/TLS connection. The plain Socket implementation doesn't know how to do that. You need to use SSLSocket instead.
A 3xx response is a redirect. In the case of a 301, the response should should include a header that gives the URI to redirect to. Your code needs to retrieve the URI and send a new request ... to there.
Since you got the 301 when you changed port 443 to port 80, my guess is that it is a redirect to port 443! A lot of web services no longer accept requests on port 80, because traffic can be easily snooped, and credentials and other private information can be stolen.

I notice that you are sending Basic-Auth headers ... containing credentials. Doing that to an HTTP port is just asking to be hacked.

It also looks like your code is mangled. You seem to have changed + to & or something like that. And <= to lte too. And you are using and and not as operators. And you are catching Object. That ain't Java.

edited Apr 24 '22 at 13:52

answered Apr 24 '22 at 13:47

Stephen C

698,415
94
811
1,216

because i am using coldfusion, not java and coldfusion has some differences when written in cfscript – simone Apr 24 '22 at 21:24
can you show me a bit sample of the ssl you are saying, i can't get my head around – simone Apr 24 '22 at 21:37
The standard HttpClient library was introduced in Java 9. If you are using CF 2016 or later, it should be available (see https://coldfusion.adobe.com/2021/01/table-of-java-to-cf-versions/). If you are stuck on an older version of CF, look for a version of the Apache HTTP client that will work with your CF. – Stephen C Apr 24 '22 at 23:14
its not a normal httpcliet, i am using for caldav and there are sme responseheaders which work with that java code – simone Apr 25 '22 at 14:01
1

I know your code is not using the normal `HttpClient` provided by Java 9+. I am saying that it >should< do, and then you won't have these problems. It strikes me as implausible that you have to talk to an HTTP server like that in ColdFusion. The Java 9 `HttpClient` allows you to use any HTTP headers you want to. – Stephen C Apr 25 '22 at 14:02
can you share some sample code, as to what i am trying to o, that will help, i am just unrated if it comes to java – simone Apr 25 '22 at 18:01
There are plenty of HttpClient examples on the web, including [from cfscript](https://stackoverflow.com/questions/7979208/using-apache-httpcomponents-for-http-requests-with-ntlm-authentication) in the SO archives. You haven't explained why you can't just use cfhttp. Without more info this sounds like an [xy problem](https://xyproblem.info/) – SOS Apr 25 '22 at 18:09

http error saying unable to make an https connection

1 Answers1