• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

ColdFusion 9- I/O Exception: peer not authenticate

Explorer ,
Dec 01, 2021 Dec 01, 2021

Copy link to clipboard

Copied

 I am using ColdFusion 9 Enterprise edition and using CFHTTP to send data to consume an API for SMS services, but I am getting the following Error I/O Exception: peer not authenticated. cferror.jpg

My Code

    <cfhttp url='https://sms.itpark.pk/api/sendsms' method='POST' 
    multipart='yes' result='res'>
    <cfhttpparam type="header" name="username" value="03xxxxxxxx" >
    <cfhttpparam type="header" name="mask" value="ITPARK" >
    <cfhttpparam type="header" name="password" value="00xxxxxxx" >
    <cfhttpparam type="header" name="to" value="92300xxxxxxx" >
    <cfhttpparam type="header" name="from" value="92300xxxxxxx" >
    <cfhttpparam type="header" name="message" value="Some Message" >

</cfhttp>

What I Tried:
I've Googled and searched and tested all possible solutions. Even Installed the Certificate of the service provider, tried changing the JVM but ColdFusion 9 won't start. Tried to follow the instructions on adobe Website to patch 9.0.2, installed JDK1.7 but still the server won't start when restarted. May be the patch did not install correctly, though followed the exact instructions.. Then I installed ColdFusion 2021 developer edition to test and it worked. Its due to the JVM. CF9 supports Java version 1.6 and CF2021 supports Java 1.8, I even tried to add -Dhttps.protocols=TLSv1.2 but still no help.

 

Urgent Help Needed

TOPICS
Advanced techniques , Event gateways

Views

148

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 02, 2021 Dec 02, 2021

Copy link to clipboard

Copied

Long story short: move to a newer ColdFusion version, for example, 2021.

 

ColdFusion 9 is too old for the API you're trying to consume. CF9's Java version and security libraries are outdated. See the Java versions corresponding to CF9.

 

I appreciate how dificult it can be to persuade IT decision-makers to upgrade. Besides the financial considerations, there is the risk of disruption. I shall therefore give you some justification for upgrading.

 

Most APIs and web services move along with the times, requiring you, the consumer, to use the latest Java and TLS. You can confirm this for the sms.itpark service.

 

Go to the site https://www.ssllabs.com/ . Enter https://sms.itpark.pk and press the Submit button. Wait for the analysis to complete.

 

You can see that the site scores highly on the SSL scan (Grade A). The scan results also show that the site only accepts TLS v1.2 or above.

 

TLS1.0 and TLS1.1 are disabled by default from JDK11.0.11 and JDK1.8.0_291 onwards. You could interpret this as a minimum requirement for the sms.itpark site. However, as you have seen. CF9 is on JDK1.6 / JDK1.7, which don't support TLS v1.2.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 02, 2021 Dec 02, 2021

Copy link to clipboard

Copied

Besides what BKBK offers, I will say that updating the jvm should have been all you needed. I know you feel you did it. It's easy to do it wrong. I have lengthy blog posts on both topics above.

 

Then you say you updated cf9, and while that may have been valuable, that too is something you could get wrong, and I have blog posts on that, from that era.

 

I also have one from last month on devastating ransomeware attacks hitting cf9--though getting the cf9 updates from 2010 would address that. Still, as BKBK notes, it's very unwise for many reasons to remain on any cf version that no longer gets Adobe security updates, which is not only 9 and earlier but also 10, or 11, and 2016.

 

Anyway, you say you're need is urgent, so you don't likely want to deal with that upgrade to cf2021 or 2018 (let alone pay for the new license) right now, nor read a bunch of blog posts. I will add that I could help you get it all running today, possibly in as little as 15 mins (you may be very close to it working) or it might take an hour or two (if in your cf9 update efforts you may have messed things up, which was easy before cf10 added the new automated update process). You can learn more of my services and book time at carehart.org/consulting.

 

While I'm traveling today, I could make time for an emergency in the afternoon US eastern time though it's blocked out for now. If interested in that, email me instead at support at carehart.org.

 

If you can't or won't "pay for help", still send me an email if you want me to list all the blog post urls I'd mentioned above. I'm writing this on a phone and it would be too tedious to gather now. And emailing me would ensure I see you request for that.

 

Hope you get your problem resolved soon, and that you'll get off of such an old cf instance as soon as you can. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 02, 2021 Dec 02, 2021

Copy link to clipboard

Copied

LATEST

There is no longer official support for ColdFusion 9. But it remains a Java application. So what the heck, if you're willing to take risks, try the following.

 

Imitate the steps in the following archived page: https://web.archive.org/web/20200927173340/http://www.trunkful.com/index.cfm/2014/12/8/Preventing-SS...

The page was by someone who succeeded in getting ColdFusion 9 to work on Java 8. Incidentally, I think the flag -Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1 is preferable to -Dhttps.protocols=TLSv1.2

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation