Activating SSL on Coldfusion 9

Report · Nov 07, 2013

Hello,

I am using Coldfusion 9 with the built-in web server. I edited jrun.xml to uncomment the SSL section and directed it to my keystore in which I imported my certificate.

Yet, when I start the server, I receive the following error :

No available certificate or key corresponds to the SSL cipher suites which are enabled.

javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.

Where can this come from?

Thanks in advance for your help!

Report · Nov 14, 2013

Hi Reing

Steps to enable SSL/https for CF 9

Do not use the inbuilt jre of ColdFusion 9. Install JDK and then use it's jre like C:\Program Files\Java\jdk1.7.0_25\jre\bin

You can download the lates jdk from this link : http://www.oracle.com/technetwork/java/javase/downloads/index.html

1> Open command prompt as run as Admin and change the directory to C:\Program Files\Java\jdk1.7.0_25\jre\bin

cd C:\Program Files\Java\jdk1.7.0_25\jre\bin

NOTE : The JDK version might be differenct as there is a new version available

2> Run this command

keytool -genkey -alias server -keyalg RSA -keystore key

Fill in the details and use the password "changeit"

3> Now move the keystore name "key" from C:\Program Files\Java\jdk1.7.0_25\jre\bin to C:\ColdFusion9\runtime\lib

4> Go to C:\ColdFusion9\runtime\bin and take a back up of jvm.config. Open jvm.config and add the argument mentioned below under "Arguments to VM" at the end without any commas or in the next line. Just a single space after the last word and then paste the argument mentioned below

-Djavax.net.ssl.trustStore= C:\\ColdFusion9\\runtime\\lib -Djavax.net.ssl.trustStorePassword=changeit

5> Go to C:\ColdFusion9\runtime\servers\coldfusion\SERVER-INF and take a backup of jrun.xml. Open jrun.xml in notepad and uncomment the ssl information like this

<!-- Uncomment this service to use SSL with the JRun Web Server

Note that you MUST create your own keystore before using this service -->

<attribute name="keyStore">{jrun.rootdir}/lib/key </attribute>

<attribute name="keyStorePassword">changeit</attribute>

<attribute name="trustStore">{jrun.rootdir}/lib/trustStore </attribute>

<attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory </attribute>

</service>

6> Save jrun.xml and restart coldfusion 9 application server service. Open https://localhost:9100 and you will be able to run ColdFusion 9 as https

HTH

Thanks
VJ

Report · Feb 15, 2017

I followed these directions and my ColdFusion 9 application server service would not restart. I got a message of "Windows could not start the ColdFusion 9 Application Server on Local Computer. For more information, review the System Event log. If this is a non-Microsoft service, contact the service vendor and refer to service specific error code 2."

There's nothing in the system log... Any ideas? I'm not a ColdFusion user. I've inherited this site and am really struggling with the learning curve.

Thanks.

Heather

Report · Feb 16, 2017

This generally means what ever change you made has broken the CF config. I would restore all the changes you made (Hope you took a backup of the files before changing them!)

Then check the services restart. Try the change again make sure no strange characters are there and all the paths are correct. For example, sometimes its a bad idea to copy and paste from forums as all sorts of formatting might follow depending on the editor you use. Incorrect "" are usually a prime suspect!

Adobe Community

Activating SSL on Coldfusion 9