I am making a cfhttp call from my main server to reporting server. And it was working fine until few days ago.
But suddenly it has started giving errors when I am trying to make http call through cfhttp. Following is the error dump :
Charset [empty string]
ErrorDetail I/O Exception: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
Filecontent Connection Failure
Header [empty string]
Mimetype Unable to determine MIME type of file.
Statuscode Connection Failure. Status code unavailable.
Because this error has start coming all of sudden.I suspect is it because of automatic java update.
I had seen some links related truststore key missing , but nothing was related to coldfusion.
Anyone having idea regarding this ?
Thanks in advance
Upgrading java to latest version on both the servers resolved my problem.
FYI: This change just started in Feb 2016.... Java 1.8 is automatically updating (during restart) and deleting old versions of JRE. Our CF 10 Server quit parsing XML, resizing images and CFHTTP was broken until we updated the Java path to point to the new JRE sub-directory.
Jamo Did you install the consumer JRE or the server JDK (which has a JRE inside of it) originally? I don't think the JDKs do automatic updates, whereas the consumer JREs do. If you install the JDK and use the JRE inside of it instead, it should be safe from automatic updates.
We installed the JRE for use w/CF10. I thought the official ColdFusion blog indicated that JDK was specifically required for CF9, but not for CF10. I have both JDK/JRE installers downloaded. We'll migrate to the JDK during our next restart. I posted my comment because this is one of the few pages that showed up in search results when searching by the error message.
I think people jumped on switching to the consumer JRE for CF10/11 because it's smaller. But the trade-off is the automatic updates. Although, if I recall correctly, if you are using Windows, you can go into the Java Control Panel applet and disable the automatic update checking. Also, if you pay attention during the update installation, there's a step where it asks you if you want to remove older versions - you can tell it not to do that.
We were sold on "smaller". After this snafu occurred, we logged in and disabled "automatic updates". I don't believe that it prompted to update or remove older versions of Java during the server restart... it just did it. It's also kinda strange that it upgraded from 8u66 to 8u71, but 8u74 is the most current version.
This security notice (from yesterday, 2/8/2016) advises to update to at least 8u73