Copy link to clipboard
Copied
Hello,
So, first, some background - I need TLS 1.2 to work on my CF10 server for CFHTTP requests to PayPal (https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1914&viewlocale...).
After doing a bit of research, I'm still unsure as to whether you can actually get TLS 1.2 working with Java 7 on CF10, even though Java 7 supports it (see http://www.coldfusionmuse.com/index.cfm/2014/12/8/colfusion-jvm-versions-sslv3-tls) which has me wondering whether I need Java 8.
So, I'm thinking of upgrading CF10 to Java 8 which I know DOES work with TLS 1.2 but I rely heavily on SOLR and after reading Charlie Arehart's excellent article (CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!' - Charlie Arehart...) I'm concerned that whatever SOLR version shipped with CF10 won't be compatible with Java 8 and that having CF and SOLR pointing to different JREs is a bad idea.
Does anyone have any experience of upgrading CF10 to Java 8 and running SOLR? Does anyone know what happens if CF points to Java 8 and SOLR sticks with CF10s default Java 7 (minor version 15 I think)?
Thanks,
Louis
Copy link to clipboard
Copied
Hi, Louis. First, thanks for your kind regards.
As for your question, well, no, it would not be wise to try to point CF at an updated JVM and let Solr continue to point to the one built into CF. That was one of the concerns raised in the comments of my blog post you reference. I offered an answer with more details in my reply there from March of last year. But I have just updated the blog post to make that point more clear (as the last “problem/solution” pair in the post).
So, bottom line, if you DO update both CF and the Solr config files to point to the same Java 8 jvm, you should be ok…as long as you’re running the CF10 update which provided for support of Java 8, of course, which was update 14. While Adobe doesn’t mention that the Solr underlying CF does specifically support Java 8, you have every reason to presume it does, and I would say that I have seen no one complain of a problem with that.
That said, you do need to watch out for a possible need to copy the tools.jar file (for some aspects of CF to work, not Solr), as discussed at http://blogs.coldfusion.com/post.cfm/coldfusion-10-and-11-support-with-java-8, and also in that blog post of mine you reference.
Let us know how you get on.
/charlie
Copy link to clipboard
Copied
Thanks a lot for the speedy reply, Charlie.
I spent about 4 hours searching and reading around this issue yesterday and I also couldn't find anyone complaining that SOLR didn't run with Java 8 so I think you're right in seeing that as a good sign. I'm going to give it a go with Java 8 in the knowledge that I can always roll it back by pointing CF and SOLR back to the JRE within the CF install folder. I'll try this late tonight and post here with the results.
Thanks again,
Louis
Copy link to clipboard
Copied
Cool. Do let us know how it goes.
/charlie
Copy link to clipboard
Copied
I have a similar question. My Coldfusion code was working with PayPal's IPN up until they switched the security in January, and now it doesn't work anymore. Full disclosure, our Coldfusion server is OLD. Like Coldfusion 7, I think. Is this version not compatible with TLS 1.2? And if we need to upgrade, how current of an upgrade do we need to get? (Government worker, tight budget).
Copy link to clipboard
Copied
Hello,
Apologies for not getting back to you sooner. I have now completed my install of Java 8, I didn't have any problems and it works great with SOLR.
The best news is that when I CFHTTP to PayPal's sandbox and TLS 1.2 only URL - https://api-3t.sandbox.paypal.com/nvp - I am now getting a proper response rather than "handshake failure", so I know that TLS 1.2 is now supported.
Cheers,
Louis