4 Replies Latest reply on May 22, 2017 8:35 AM by jfb00

    CF 9 developer box with SSL

    jfb00 Level 3

      Hi All,

      I was able to setup CF9 with SSL in the pass using this https://forums.adobe.com/thread/1330662

      Getting an error using Firefox 53.0.2 when I open my site https://localhost:9100/mySite

      localhost:9100 uses an invalid security certificate.

      The certificate is not trusted because it is self-signed.

      The certificate is not valid for the name localhost.

      Error code: SEC_ERROR_UNKNOWN_ISSUER

      Adding the exception doesn't fix the issue because I cannot use my site with https.

      Any ideas about this issue?

      Best

       

      JFB

        • 1. Re: CF 9 developer box with SSL
          Dave Watts Level 4

          I'm not sure what you mean by "adding the exception doesn't fix the issue because I cannot use my site with https". What exactly happens when you add the exception? Do you get the same error after adding it as you got before adding it?

           

          Also, you might have another problem which won't be so easy to fix. The version of Java used by CF 9 is OLD. It doesn't support modern ciphers. Firefox may not allow you to use the older ciphers, once you fix the first problem.

           

          Is there a reason you can't just upgrade to CF 11 or CF 2016 for development?

           

          Dave Watts, CTO, Fig Leaf Software

          • 2. Re: CF 9 developer box with SSL
            jfb00 Level 3

            Thanks for your reply and help.

            "What exactly happens when you add the exception? Do you get the same error after adding it as you got before adding it?"

            I get a different error: Connection is not secure, SSL_ERROR_INTERNAL_ERROR_ALERT

             

            "The version of Java used by CF 9 is OLD"

            Ok, Let me upgrade to CF11. Can I do the same steps using CF11?

            Best,

            • 3. Re: CF 9 developer box with SSL
              jfb00 Level 3

              Hi All,

              I have CF11 installed with the latest update 11.

              Anyone configured CF11 using https?

              Thanks,

              • 4. Re: CF 9 developer box with SSL
                jfb00 Level 3

                I was able to configure ColdFusion server over SSL follow below mentioned steps:

                 

                1. Create Keystore:

                      Keytool -genkey -keyalg RSA -keystore websocket.crt -storepass changeit -alias wss -keypass changeit -validity 365

                 

                2. Configure ColdFusion to run over SSL port:

                 

                1. Uncomment "<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"  maxThreads="150" scheme="https" secure="true"   clientAuth="false" sslProtocol="TLS" />" this section in server.xml file available at <cf_home>/cfusion/runtime/conf.
                2. Add these attributes to above mentioned tag:
                  1. keystoreFile
                  2. keystorePass
                3. Save Changes.
                4. Restart ColdFusion service.
                5. Access ColdFusion administrator console using URL: https://127.0.0.1:8443/CFIDE/administrator/index.cfm

                 

                i got error file not found when I try to use the https for my site as:

                https://127.0.0.1:8443/mySite/index.cfm

                 

                My site https call is pointing to my C:\ColdFusion11\cfusion\wwwroot instead of my IIS folder C:\inetpub\wwwroot

                How can I fix this issue?

                Thanks,