2 Replies Latest reply on Dec 1, 2009 4:22 PM by Neo Rye

    An error occurred while establishing an sFTP connection

    Neo Rye Level 1

      We just moved to CF9 and now the cfftp tag does not work for secure connections. I get the following error:


      An error occurred while establishing an sFTP connection.

      Verify your connection attributes: username, password, server, fingerprint, port, key, connection, proxyServer, and secure (as applicable). Error: Session.connect: java.io.IOException: invalid data.


      Is anyone using CF9 with secure ftps connections and getting it to work? Has anything changed in CF9 that I'm not aware of. I can't seem to find any solution to this error and I get it on my dev and live server.



        • 1. Re: An error occurred while establishing an sFTP connection

          I have same problem, I can't seem to find fix or work around

          • 2. Re: An error occurred while establishing an sFTP connection
            Neo Rye Level 1

            Seems related to something in this post:





            ColdFusion loads "com.rsa.jsafe.provider.JsafeJCE" as the default security provider at startup. Perhaps there is something wrong with this provider like the “BC” provider mentioned in the link. Working with that info, I was able to dump my providers into an array where the first array position represents the default provider and shows JsafeJCE as the default:


            <cfset providerMethods = CreateObject('java','java.security.Security')>


            You can dump the providers:

            <cfdump var="#providerMethods.getProviders()#">



            I then made a copy of the provider like:

            <cfset jSafeProvider = providerMethods.getProvider('JsafeJCE')>


            I then removed it from the provider array:

            <cfset providerMethods.removeProvider('JsafeJCE')>


            I then made my sFTP call and this time it was successful.

            <cfftp action="open"



            I then put the provider back into the array in position 1 – the default:

            <cfset providerMethods.insertProviderAt(jSafeProvider,1)>




            I can’t say I know exactly what’s wrong and I certainly don’t want to remove the JsafeJCE provider from the default position for forever. I’ll let Adobe come up with a true fix, but for now, this provides me with a work-around so I can use sFTP. I’m sure JsafeJCE is used/required for some other encryption, so you’ll have to watch for other issues while it’s not part of the provider array. The quicker you can get it out/in, probably the better. My sFTP only runs a few times, so I feel OK with the possible side effects. Maybe someone can take it from here and find a better solution and not a simple work-around.