Skip to main content
M
Movak
Participating Frequently
April 28, 2017
Question

Coldfusion MX 6.1 TLSv 1.1

  • April 28, 2017
  • 4 replies
  • 1712 views

Is it possible to use TLSv 1.1 on Coldfusion MX 6.1? If so how can I do it?

Any help would be appreciated.

Thanks,

Joe Klovance

    This topic has been closed for replies.

    4 replies

    M
    MovakAuthor
    Participating Frequently
    May 3, 2017

    I worked it out. I had to do the following;

    1. Upgrade the curl on the server to 7.24 (had to build it)
    2. Write a temp script file with the Curl command (to get around CFHTTP issue with multiple parameters)
    3. Execute the script using CFEXECUTE

    The only problem now is that the script file hangs around. I have tried to use CFFILE action="delete" but I get no errors but the file stays. The file name is the same as when I write the script.

    James Moberg
    James Moberg
    Inspiring
    May 15, 2017

    ColdFusion likes to maintain locks on files for some weird reason.  I used to encounter the same problem when manipulating image files.

    Make sure you add a UUID to the filname creating the temporary BAT file.  Execute it from a non-publicly accessible temp directory and then schedule another script to delete old files.

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    April 29, 2017

    Movak  wrote

    Is it possible to use TLSv 1.1 on Coldfusion MX 6.1?

    You can answer the question yourself. The earliest version of Java to support TLS 1.1 is 1.6.0_111. So, can you get your Coldfusion MX 6.1 installation to run on Java 1.6.0_111?

    James Moberg
    James Moberg
    Inspiring
    April 28, 2017

    I noted that you stated you were using Linix, not Windows... but for anyone that visits this post using Windows and ColdFusion 3.1, 4.5, 5, 6, 7, 8, 9, 10, 11 or 2016, I recommending using Abiadata's CFX_HTTP.

    Adiabata, Inc. - CFX_HTTP5

    FYI:  Authorize.Net plans to disable TLS 1.0 and TLS 1.1 by September 18, 2017.  This will cause problems for anyone running ColdFusion 3-9 (and potentially CF10.)   CFX_HTTP5 has a feature that enables you specify which protocols to use.  (We use SSL="5" to force all HTTP Posts to to use TLS1.2.)

    H
    haxtbh
    Inspiring
    April 28, 2017

    TLS will depend on the underlying operating system as well. You will need Windows 7 / 2008 R2 to have it available.

    v1.1 is available from Java 1.8 on CF10 and 1.7 on CF 11.

    So no is the answer

    M
    MovakAuthor
    Participating Frequently
    April 28, 2017

    TLS 1.1 is also available on JRE 1.6.0_111. I am also talking a linux install not Windows.

    WolfShade
    WolfShade
    Legend
    April 28, 2017

    I hate to be the party pooper, here, but unless your CF installation is strictly intranet (ie, not public-facing), then you want to seriously consider upgrading to AT LEAST CF10.

    MX6 is so old that not only are you missing out on some nice features but you're also gambling with your site/app security.  While the *nix platform will help with that, a public-facing MX6 install (really anything less than CF10) could be more vulnerable to malicious activities.  Even if you use USG DoD security measures.

    Just a thought.

    V/r,

    ^_^

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices