Local Update Site Help

Frustrating, I know. But something about your restricted environment is the issue. There WILL be a way to your updates done. Just depends on the problem. Questions:

1. What is the current value for the update url and packages url?  FWIW, the default value for the "update site" url for CF2023 are https://www.adobe.com/go/coldfusion-updates--which redirects to https://www.adobe.com/go/coldfusion-updates, which does have CF2023 (and cf2025) updates listed within its json result. The default "packages site" url is https://www.adobe.com/go/cf2023_packages--which redirects to https://cfmodules.adobe.com/cf2023/bundlesdependency.json, and which has only cf2023 package updates in it.
   
   
2. Whatever your values are is, can you browse to either of THOSE values successfully from a browser on that dev machine where you're trying to update? If not, what's the error.
   
   
3. Even if you can, the real question is whether cf can. Create a simple test page to do a cfhttp to each of your urls, dumping the output. Do they succeed or fail? What if you try the default URLs I offered above?
   
   
4. Finally, regarding the "proxy settings" your trying (at the bottom of that package mgt page), you would be naming something on your end (not Adobe's). If that can't be reached, reconsider what value you're specifying.

Let us know how the above goes.

1. The defaults, https://www.adobe.com/go/coldfusion-updates and https://www.adobe.com/go/cf2023_packages

2. I can reach them fine in a browser

3. Just trying to get me to google using cfhttp gives some auth required error from the company

4. I managed to get a '407 proxy authentication required' after trying everything possible. Could be anything with our network that I don't know how to fix.

Even if we don't do the proxy, any idea what that illegal character error is? We've successfully done update 13 in the same way we're trying 14 and 15 now. I tried scouring the config files to see where that path is being created with 2 different slashes but can't find anything.

The illegal character is just the message you get when the update mechanism doesn't get what it expects--which is almost always down to the url's being unreachable or returningunexpected content. (And to be clear, the default ones you list DO work, so again it's got to be something in your environment. )

When you say in point 2 that they "work fine in a browser", I sure hope you caught the key point was to be trying that from a browser on the machine running CF. But assuming that's true, note that there may be reasons (on your end) why the URL may still fail from within CF and NOT the browser.

It could be about browser proxy configuration (that allows it, where CF does not), or it could be about security protection software that is ALLOWING that call from your browser but NOT from CF, even though both are on the same machine. So that point, let's focus on the cfhttp call from within CF.

When you say in reply to my point 3 that " Just trying to get me to google using cfhttp gives some auth required error from the company", by "the company" do you mean your company?

If you're saying you need help how to DO the cfhttp, see below:

<cfhttp url="https://www.adobe.com/go/coldfusion-updates">
<cfdump var="#cfhttp#">

 Put that in some cf page and run it. Then try the same with the packages url.

The URLs work fine in a browser on the machine where CF is running correct. And yes I meant my company. But that is only if I do an unsecure http connection.

Trying your lines gives:

struct

Without https I get a response I can't post here and this header:

struct

But I have the entire repo bundle on my machine and it is still getting this error. For sanity sake I disconnected from the internet entirely and tried reinstalling one of the failed packages in cfadmin and get the same index error. It should work entirely offline should it not?

Yes, it's possible to install the updates entirely offline. See the steps in each update's technote. Follow them carefully, without shortcuts.

Let us know how it goes. We can proceed from there for any needed further troubleshooting. 

@joeyg60012433 , If all you want is to install ColdFusion 2023 Update 15 manually, what about just following the steps in the section "Install the update in offline mode manually" on the page ColdFusion (2023 release) Update 15?

The steps (with slight modification) are:

1.  Download the ColdFusion 2023 packages zip file.
2.  Stop ColdFusion 2023.
3.  Add the flag -Djdk.util.zip.disableZip64ExtraFieldValidation=true to java.args in jvm.config.
4.  Save a copy of your current directory C:\ColdFusion2023\bundles, as bundles_back-up, outside of ColdFusion. You might need it later, in case you wanted to revert the installation.
5.  Extract the zip file you downloaded in Step 1. Its contents look like this:
   
   

    

    

6.  Copy all the content from the unpacked directory (for example, using CTRL-A followed by CTRL-C), and paste it in the directory C:\ColdFusion2023\bundles, choosing to replace any files already in the bundles directory.
7.  Open the directory C:\ColdFusion2023\bundles\updateinstallers and confirm that it contains the Update 15 installer, hotfix-015-330825.jar
8.  Open the Command Prompt (CMD) as Administrator. Run the DOS command
   C:\ColdFusion2023\jre\bin\java.exe  -jar C:\ColdFusion2023\bundles\updateinstallers\hotfix-015-330825.jar
9. Restart ColdFusion.

Thanks for sharing your fix.

It's perhaps just as well that you don't want to spend time to find the reason. The cause is a recent worrisome bug in ColdFusion's update process. 

It would have been great if this apparently known bug was listed in the update notes 🙂

What "recent worrisome bug" is that, bkbk?

I still contend this is simply an issue of Joey's environment being restricted and so he needs to do a manual offline update...or he needs to change the cf admin package manager page to configure the proxy settings which it seems he needs in order to allow the cf admin update mechanism to download the updates and packages. 

That's what I'm saying though. I've been doing the manual update following the instructions. I did not explicity say that in the OP to be fair. But it looks like the updater is just deleting some jar files while doing a  manual update.

Me trying to configure the proxy was an alternative because the offline update wasn't working.

The only other thing about this I've seen was https://community.adobe.com/t5/coldfusion-discussions/cold-fusion-2021-update-20-sqlserver-package-f...

But he didn't get an answer. Just recopied the files like I am doing.

In following the manual update, do you do exactly what it says? Some try to take a shortcut by just extracting the zip into the bundles folder, which is not what it says to do (and which I'd warned about originally). Doing that merges new files with old, which may confuse matters.

Doing the approach documented in the technote does require changing the packagesurl, which is annoying (but it is what's documented, and should work for you. I'm not aware of a known bug with that.)  Sadly the docs don't mention how that packagesurl can be changed in the admin, without dorking with the neo updates.xml file. 

That said, I've wondered if the better solution would be for them to tell people to instead just delete (or to be safe, rename) the bundles folder and THEN extract the zip into that location.

(Even then people need to be careful: some zip extraction processes create unexpected folders in their destination. It has to result in [cf]/bundles/repo, etc., not /bundles/bundles or anything else. )

With this approach (to doing a manual offline install), the packagesurl would just need to then be set to point the bundlesdependency.json file in that [cf]/bundles folder...and it would not need to be changed each update. 

If anyone has thoughts I'd welcome them. I've been meaning to test this (but am writing from a phone) and then document it as a proposed improvement.  Writing here is a first step. 

Charlie, the recent worrisome bug in ColdFusion is that, during the installation of an update, libraries occasionally go missing from the repo.

I'm not aware of that as a known bug. Do you have info from Adobe indicating that?

Instead, I've found in helping people that what was happening is that the update process for packages runs on startup, and if it thinks there's an update to do, It REMOVES the related jars then.

But then if there's some subsequent problem that keeps it finding the updated packages to APPLY, then it leaves people the impression you're reflecting. But that's not a bug, it's a process error that can be solved. 

I suppose, what you've described, and call a process error, I call a bug.

Here are two examples: 

https://tracker.adobe.com/#/view/CF-4226427 

https://tracker.adobe.com/#/view/CF-4226718