2 Replies Latest reply on Dec 1, 2009 4:22 PM by Neo Rye

    An error occurred while establishing an sFTP connection

    Neo Rye Level 1

      We just moved to CF9 and now the cfftp tag does not work for secure connections. I get the following error:

       

      An error occurred while establishing an sFTP connection.

      Verify your connection attributes: username, password, server, fingerprint, port, key, connection, proxyServer, and secure (as applicable). Error: Session.connect: java.io.IOException: invalid data.

       

      Is anyone using CF9 with secure ftps connections and getting it to work? Has anything changed in CF9 that I'm not aware of. I can't seem to find any solution to this error and I get it on my dev and live server.

       

      Thanks!

        • 1. Re: An error occurred while establishing an sFTP connection
          opticsponge

          I have same problem, I can't seem to find fix or work around

          • 2. Re: An error occurred while establishing an sFTP connection
            Neo Rye Level 1

            Seems related to something in this post:

             

            https://bugs.eclipse.org/bugs/show_bug.cgi?id=175058

             

             

            ColdFusion loads "com.rsa.jsafe.provider.JsafeJCE" as the default security provider at startup. Perhaps there is something wrong with this provider like the “BC” provider mentioned in the link. Working with that info, I was able to dump my providers into an array where the first array position represents the default provider and shows JsafeJCE as the default:

             


            <cfset providerMethods = CreateObject('java','java.security.Security')>

             

            You can dump the providers:

            <cfdump var="#providerMethods.getProviders()#">

             

             

            I then made a copy of the provider like:

            <cfset jSafeProvider = providerMethods.getProvider('JsafeJCE')>

             

            I then removed it from the provider array:

            <cfset providerMethods.removeProvider('JsafeJCE')>

             

            I then made my sFTP call and this time it was successful.

            <cfftp action="open"

                        secure="true”…

             

            I then put the provider back into the array in position 1 – the default:

            <cfset providerMethods.insertProviderAt(jSafeProvider,1)>

             

             

             

            I can’t say I know exactly what’s wrong and I certainly don’t want to remove the JsafeJCE provider from the default position for forever. I’ll let Adobe come up with a true fix, but for now, this provides me with a work-around so I can use sFTP. I’m sure JsafeJCE is used/required for some other encryption, so you’ll have to watch for other issues while it’s not part of the provider array. The quicker you can get it out/in, probably the better. My sFTP only runs a few times, so I feel OK with the possible side effects. Maybe someone can take it from here and find a better solution and not a simple work-around.