curl: an alternative for cfhttp
When I first started programming in ColdFusion I used the cfhttp tag quite a lot. However, the cfhttp does not have an insecure option. This means you have to install the website certificate for each website you wish to connect to. As far as I know, this cannot be automated. And btw installing a certificate in the ColdFusion truststore is somewhat of a hassle (more info: https://helpx.adobe.com/coldfusion/kb/import-certificates-certificate-stores-coldfusion.html )
Curl to the rescue. Curl is a command-line program to communicate to or from a server. Curl is available for many operating systems including Windows and Unix.
Curl has an insecure flag -k or –insecure. This means curl will skip the certificate validation. Of course, this makes the connection way less secure and you should not send your credit card information over the internet using this flag. However in many cases this is not a problem at all. Furthermore as far as i know the -k or –insecure flags does not mean the data itself is no longer encrypted. It only means the validation of the certificate is skipped. More information about curl can be found here: https://curl.se/docs/manpage.html
<cfexecute
name = "#Path_To_Curl_Folder#curl.exe"
arguments = "--insecure https://www.bing.com/search?q=test&form=QBLH"
variable="response"
timeout = "20">
</cfexecute>
<Cfdump var=#response#>
Thank you for posting this … it just helped my company save $3000/year to NOT have to upgrade to CF Server 2025. Overall, it’s an “icky” solution, but given that the web app this applies to is inside the corporate network, and that we’ve updated CF 2018 to its limit (for CF and JRE), this is an excellent solution that enables a specific feature that relies on a RESTful endpoint, and it now works once again. Very cool that you made this available … thanks!