Highlighted

ColdFusion 2016 cannot communicate over TLS 1.2 to SQL Server 2012

New Here ,
Mar 11, 2019

Copy link to clipboard

Copied

Good Afternoon,

I am a Systems Engineer and need some help. Whenever I disable TLS 1.1 on the ColdFusion 2016 server (running on Windows 2008 R2 Operating System), I can no longer communicate with the SQL Server and receive the enable TLS 1.0 and TLS 1.1 error message instead of the web page.

For Security reasons, we want all communication to be on TLS 1.2. Once I disable TLS 1.1, I cannot even load a webpage on the local ColdFusion Server without receiving the TLS error.

I have asked the Developer to update the SQL JDBC Native Drivers, the CF 2016 Server is using native SQL Server driver v2011.110.7001.00 dated 8/15/2017.

The java version CF 2016 is using is jre 1.8.0_191.

The SQL 2012 Server is using native SQL Server driver v2011.110.7462.06 downloaded on 1/6/2018. SQL Server 2012 Management Studio version is 11.0.7462.6.

From what I have read it keeps pointing me back to the native SQL drivers. I have ensured the Windows side of the servers are 100% up to date with all applicable Windows Updates.

Where else should I be looking?  I am not a DBA or Programmer, but I wonder if the issue could be buried somewhere?

Any help would be greatly appreciated.

TOPICS
Database access, Monitoring

Views

1.5K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

ColdFusion 2016 cannot communicate over TLS 1.2 to SQL Server 2012

New Here ,
Mar 11, 2019

Copy link to clipboard

Copied

Good Afternoon,

I am a Systems Engineer and need some help. Whenever I disable TLS 1.1 on the ColdFusion 2016 server (running on Windows 2008 R2 Operating System), I can no longer communicate with the SQL Server and receive the enable TLS 1.0 and TLS 1.1 error message instead of the web page.

For Security reasons, we want all communication to be on TLS 1.2. Once I disable TLS 1.1, I cannot even load a webpage on the local ColdFusion Server without receiving the TLS error.

I have asked the Developer to update the SQL JDBC Native Drivers, the CF 2016 Server is using native SQL Server driver v2011.110.7001.00 dated 8/15/2017.

The java version CF 2016 is using is jre 1.8.0_191.

The SQL 2012 Server is using native SQL Server driver v2011.110.7462.06 downloaded on 1/6/2018. SQL Server 2012 Management Studio version is 11.0.7462.6.

From what I have read it keeps pointing me back to the native SQL drivers. I have ensured the Windows side of the servers are 100% up to date with all applicable Windows Updates.

Where else should I be looking?  I am not a DBA or Programmer, but I wonder if the issue could be buried somewhere?

Any help would be greatly appreciated.

TOPICS
Database access, Monitoring

Views

1.5K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Mar 11, 2019 0
Participant ,
Mar 11, 2019

Copy link to clipboard

Copied

Where do you disable TLS 1.1? Where does the error occur?  When you disable TLS 1.1 on the ColdFusion Server and the error appears in the client's browser this does not have to do with the SQL Server. This is a different issue,  IMO.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 11, 2019 0
New Here ,
Mar 13, 2019

Copy link to clipboard

Copied

Thanks for your help. I disable TLS 1.1 on the Web Server (IIS/CF) and when I open a local IE browser on the same server I receive the error to enable TLS 1.1.  Any idea where I should look in ColdFusion?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 13, 2019 0
Adobe Community Professional ,
Mar 13, 2019

Copy link to clipboard

Copied

When you say "disable TLS 1.1 on the Web Server (IIS/CF)" what exactly are you doing? That's what Bardnet was asking. It's not clear to me either.

There are a bunch of places where TLS can come into play. IIS can support HTTPS clients using TLS. ColdFusion can, as a client itself, use TLS to connect to various services using tags like CFHTTP, CFMAIL, etc. ColdFusion talks to your database using a JDBC client that's provided with ColdFusion. JDBC clients use a connection string to specify how they talk to the database. I'm not sure what connection string attributes are supported by the built-in JDBC client, but generally you can specify things like encryption etc in there. The SQL Server JDBC client that comes with ColdFusion is from DataDirect Technologies, and they have information here:

SQL Server ODBC Driver for Linux & Windows - DataDirect Connectivity

Dave Watts, Eidolon LLC

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 13, 2019 0
New Here ,
Mar 13, 2019

Copy link to clipboard

Copied

Great, thanks for the info.  TLS 1.2 works under IIS, it does not work on the ColdFusion sites which do run calls to the SQL Server using JDBC. I will check out the article above. Thanks

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Mar 13, 2019 0