8 Replies Latest reply: Nov 12, 2013 1:30 PM by billrosspaxedi RSS

    SSL not working

    billrosspaxedi

      I have Coldfusion 10 and Coldfusion Builder 2.0 installed entirely on my local Windows 8 machine. I'm using the builtin Tomcat server.

       

      I'm accessing the server using Remote Data Services (RDS).

       

      When I try to run my application it won't run because the IDE runs it as https://localhost:8500/MyApp

       

      If I copy the link and change it to http://localhost:8500/MyApp then it works.

       

      I have both TLS and SSL enabled in Internet Explorer.

       

      I understand that if you use JRun then you have to install a certificate, but I'm not using JRun.

       

      So how can I either get CF Builder to not put the "s" in or get Tomcat to accept it?

       

      Thanks,

       

      Bill

        • 1. Re: SSL not working
          vishu#13 Community Member

          Hi

           

          Try the steps mentioned below

           

          Open Command Prompt as Run as Admin and change the directory to  C:\ColdFusion10\jre\bin

           

          Type the command below and press Enter

           

          keytool.exe -genkey -alias tomcat -keyalg RSA

           

          Enter the password : changeit

           

          Now in the this location: C:\Users\username you will get a .keystore

           

          Open the server.xml of the ColdFusion instance : C:\ColdFusion10\cfusion\runtime\conf

           

          Uncomment the SSl/https

           

            <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"

                         maxThreads="150" scheme="https" secure="true"

                         keystoreFile="C:\Users\username\.keystore" keystorePass="changeit" keyAlias="tomcat"

                         clientAuth="false" sslProtocol="TLS" />

           

          NOTE : You need to add the keystore info in it as I did above

           

          Save and restart the ColdFusion 10 Application server service

           

          Now open https://localhost:8443 and it will work

           

          NOTE : The https port in server.xml is 8443

           

          Thanks

          VJ

          • 2. Re: SSL not working
            billrosspaxedi Community Member

            Thank you for these detailed instructions. However, the problem persists.

             

             

             

            The problem is probably related to the fact I’m unable to start my localhost server:

             

             

             

            :ERROR: JDWP Transport dt_socket failed to initialize, TRANSPORT_INIT(510)

             

            :JDWP exit error AGENT_ERROR_TRANSPORT_INIT(197): No transports initialized ../../../src/share/back/debugInit.c:741

             

            :Error(11/12 at 01:58:47) Server is not responsive.

             

             

             

            Do you know what I would do about that?

             

             

             

            Thanks,

             

             

             

            Bill

            • 3. Re: SSL not working
              vishu#13 Community Member

              billrosspaxedi wrote:

               

              The problem is probably related to the fact I’m unable to start my localhost server:

               

              Is your hosts file (C:\Windows\System32\drivers\etc) looks like this?

               

              Capture.JPG

               

              You need to add 127.0.01 for localhost in the hosts file.

               

              Thanks
              VJ

              • 4. Re: SSL not working
                billrosspaxedi Community Member

                I changed it by removing the comment, like so:

                 

                 

                 

                1. Copyright (c) 1993-2009 Microsoft Corp.

                 

                #

                 

                1. This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

                 

                #

                 

                1. This file contains the mappings of IP addresses to host names. Each

                 

                1. entry should be kept on an individual line. The IP address should

                 

                1. be placed in the first column followed by the corresponding host name.

                 

                1. The IP address and the host name should be separated by at least one

                 

                1. space.

                 

                #

                 

                1. Additionally, comments (such as these) may be inserted on individual

                 

                1. lines or following the machine name denoted by a '#' symbol.

                 

                #

                 

                1. For example:

                 

                #

                 

                1.      102.54.94.97     rhino.acme.com          # source server

                 

                1.       38.25.63.10     x.acme.com              # x client host

                 

                 

                 

                1. localhost name resolution is handled within DNS itself.

                 

                              127.0.0.1       localhost

                 

                1.            ::1             localhost

                 

                 

                 

                But no difference. Do I need to restart the CF services?

                • 5. Re: SSL not working
                  vishu#13 Community Member

                  Restart the machine. What happens when you try 127.0.0.1 instead of localhost? Then try

                  • 6. Re: SSL not working
                    billrosspaxedi Community Member

                    I restarted the main service, reran and got this:

                     

                     

                     

                    :FATAL ERROR in native method: JDWP No transports initialized, jvmtiError=AGENT_ERROR_TRANSPORT_INIT(197)

                     

                    :ERROR: transport error 202: bind failed: Address already in use

                     

                    :ERROR: JDWP Transport dt_socket failed to initialize, TRANSPORT_INIT(510)

                     

                    :JDWP exit error AGENT_ERROR_TRANSPORT_INIT(197): No transports initialized ../../../src/share/back/debugInit.c:741

                     

                    :Error(11/12 at 03:00:57) Server is not responsive.

                    • 7. Re: SSL not working
                      vishu#13 Community Member

                      As you mentioned above that if you try http://localhost:8500, it works which means there is no issue with the localhost then.

                       

                      Go to C:\ColdFusion10\cfusion\bin  and take a backup of jvm.config

                       

                      Now open the jvm.config, Add following argument in jvm.config after the argument line (not in a new line)

                       

                      -Djavax.net.ssl.trustStore=C:\\ColdFusion10\\jre\\lib\\security\\cacerts -Djavax.net.ssl.trustStorePassword=changeit

                       

                      Then restart the ColdFusion 10 Application server service and run https://localhost:8443

                       

                      Thanks

                      VJ

                      • 8. Re: SSL not working
                        billrosspaxedi Community Member

                        When trying to restart the Application Server service:

                         

                         

                         

                         

                         

                         

                         

                        I had changed it to:

                         

                         

                         

                        1. Arguments to VM

                         

                        java.args=-server  -Xms256m -Xmx512m -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -XX:MaxPermSize=192m -XX:+UseParallelGC -Xbatch -Dcoldfusion.home={application.home} -Dcoldfusion.rootDir={application.home} -Dcoldfusion.libPath={application.home}/lib -Dorg.apache.coyote.USE_CUSTOM_STATUS_MSG_IN_HEADER=true -Dcoldfusion.jsafe.defaultalgo=FIPS186Random -Dcoldfusion.classPath={application.home}/lib/updates,{application.home}/lib,{application .home}/lib/axis2,{application.home}/gateway/lib/,{application.home}/wwwroot/WEB-INF/flex/j ars,{application.home}/wwwroot/WEB-INF/cfform/jars,"CLASSPATH =.;C:
                        Program Files
                        Microsoft JDBC Driver 4.0 for SQL Server
                        sqljdbc_4.0
                        enu
                        sqljdbc.jar" -Djavax.net.ssl.trustStore=C:
                        ColdFusion10
                        jre
                        lib
                        security
                        cacer ts -Djavax.net.ssl.trustStorePassword="changeit”

                         

                         

                         

                        (I put the correct password for “changeit”).

                         

                         

                         

                        Did I do it right?

                         

                         

                         

                        Thanks,

                         

                         

                         

                        Bill