1 Reply Latest reply on Oct 5, 2006 10:46 AM by meddlingwithfire

    ssl secure connection for cf application, anything special other   than ssl

    Level 7
      I have an app that needs to send some sensitive info over https...

      once i have https connection (I have ssl cetificate and all that, secure
      connection working as it should) do i need to do anything else in cf
      coding to ensurre the data is securely transmitted?

      for example i see that in .asp there are some commands for connecting to
      datasource that include some encryption stuff...


      begin asp snippet)

      'Initiate Encryption
      Dim RC4
      Set RC4 = Server.CreateObject("RC4DLL.Crypt")
      Set MyConn = Server.CreateObject("ADODB.Connection")


      (end asp snippet)

      any advice much appreciated


        • 1. ssl secure connection for cf application, anything special other   than ssl
          Nope -- you don't have to do anything. SSL is all handled by your HTTP server. ColdFusion doesn't care whether the request was HTTPS or not.

          Consumer requests .cfm HTTPS resource
          Server receives & decrypts HTTPS request
          Server sends decrypted Request to ColdFusion
          ColdFusion processes decrypted Request
          ColdFusion sends results back to Server
          Server encrypts CF results
          Server sends encrypted results back to Consumer

          The HTTP server you're running takes care of everything SSL related. ColdFusion doesn't care one way or the other.

          The best way to make sure your data is secure -- look for the lock on your browser when you test it. Double click it and make sure all your certificate information is valid and up to date. If that's all good, then you have no problems.