cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
1
Upvote

SSL Encryption for Data Sources

Guest
Mar 12, 2014 Mar 12, 2014

Copy link to clipboard

Copied

Sql 2012 and Coldfusion 10

We have read through the following guides

https://wikidocs.adobe.com/wiki/display/coldfusionen/Data+Source+Management+for+ColdFusion

http://helpx.adobe.com/coldfusion/kb/import-certificates-certificate-stores-coldfusion.html

Upon enabling SSL encryption on the SQL server, we are able to connect to the datasource with this connection string:

EncryptionMethod=SSL; ValidateServerCertificate=false;

**some of the information below has been anonymized for security purposes**

When enabling server validation, the connection begins timing out. We have imported the SQL certificate into the keystore using this command

C:\Program Files\Java\jre7\bin>keytool.exe -importcert -alias cstvnetsql9 xxx.xxx.ucf.edu -trustcacerts -file cstvnetsql9xxx.xxx.ucf.edu.cer -keystore cacerts -storepass changeit

Here is the ConnectionString we are using now:

EncryptionMethod=SSL; ValidateServerCertificate=true;TrustStore="C:\Program Files\Java\jre7\lib\security\cacerts";TrustStorePassword=changeit;HostNameInCertificate=CSTVNETSQL9xxx.xxx.ucf.edu;

Here is the error we receive:

Connection verification failed for data source: TJEEI
java.sql.SQLException: Timed out trying to establish connection
The root cause was that: java.sql.SQLException: Timed out trying to establish connection

Thanks.

TOPICS
Security

Views

4.0K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 1 Reply 1
latest latest Jump to latest reply
vishu_13
Enthusiast ,
Mar 12, 2014 Mar 12, 2014

Copy link to clipboard

Copied

LATEST

SQL

  • Create self-signed certificate using IIS.
  • Configure SQL Server to communicate over SSL.
  • Export the certificate which we created in step 1, so that it can be imported in the key store. Do not export private key it is not required.

ColdFusion 10

  • Create a keystore

keytool -keystore sqlstore.jks -genkey -alias sqlstore

  • Import the certificate into this keystore:

keytool -importcert -file sqlserver.cer -keystore sqlstore.jks -storepass changeit -alias sqlserver

  • Use below mentioned attributes in the connection string :

EncryptionMethod=SSL; trustStore=C:/ColdFusion10/jre/bin/sqlstore.jks; trustStorePassword=changeit; ValidateServerCertificate=true;

NOTE: The subject property of the certificate and key store must indicate that the common name (CN) is the same as the host name or fully qualified domain name (FQDN) of the server computer.

You need to enable SSL encryption and need to set ValidateServerCertificate as false

HTH

Thanks

VJ

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices