How to configure ColdFusion 2018 data source to use FIPS 140-2 encrypion to communicate with backend

Question

Looking for some help in configuring ColdFusion 2018 Enterprise to support FIPS 140-2 encryption with backend Oracle database. Searching thru Google, I have not found a complete answer. What I found so far is I need to update the JVM java.security file as well as the ColdFusion jvm.config file and maybe even the data source JDBC URL. Any assistance would be appreciated.

Application Server: ColdFusion 2018 Update 13
Java: Java SE Development Kit 11.0.14 (64-bit)

Updates to java.security file:
security.provider.1=com.rsa.jsafe.provider.JsafeJCE
security.provider.2=com.rsa.jsse.JsseProvider

Update to jvm.config file:
-Dcoldfusion.enablefipscrypto=true

Charlie Arehart · Answer

While I have no experience with attaining fips-compliant encryption with Oracle, it's not clear if you're saying you have tried these jvm changes.

If so, were you careful to make the

changes for the java.security file in the folder of the JVM that CF is pointing to? You mention being on Java 11.1.14, which is great (though 11.0.15 came out last week), so you'd want to be sure to edit the file NOT in \ColdFusion2018\jre\conf\security, but in the conf\security of wherever that new Java is, as pointed to in the CF Admin "java and jvm" page's first field.

So have you tried the changes, and is it working or is it not? It's not clear, even if you're just gathering info for now.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded