I believe the problem lies in Coldfusion's ability to handle SSLv3 sessions. Search for "SSLv3" in this article:
http://ruthsarian.wordpress.com/2009/10/26/washing-client-certs-in-coldfusion-with-soap-part-2/I ended up using the custom tag CFX_HTTP5
http://www.cftagstore.com/tags/cfxhttp5.cfm Example:
<cfoutput>
<cfsavecontent variable="soap"><SOAP-ENV:En
velope xmlns:SOAP-ENV="
http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="
http://schemas.xmlsoap.org/soap/encoding/"
>
<SOAP-ENV:Body xmlns:m="
https://services.labcorpsolutions.com/webservice/services/LabcorpOTS">
<m:changePassword>
<userId></userId>
<password></password>
<newPassword></newPassword>
</m:changePassword>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope></cfsavec
ontent>
</cfoutput>
<CFSET HEADER="SOAPACTION:changeP
assword#Ch
r(13)##Chr
(10)#Conte
nt-Type: application/soap+xml; charset=utf-8#Chr(13)##Chr
(10)#conte
nt-length:
#len(soap)
##Chr(13)#
#Chr(10)#c
harset:utf
-8#Chr(13)
##Chr(10)#
">
<CFX_HTTP5 METHOD="post" URL="
https://services.labcorpsolutions.com/webservice/services/LabcorpOTS" HEADERS=#HEADER# BODY=#soap# SSLERRORS="OK" OUT="result">
<cfoutput>#result#</cfoutput>