• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Coldfusion MX 6.1 TLSv 1.1

New Here ,
Apr 27, 2017 Apr 27, 2017

Copy link to clipboard

Copied

Is it possible to use TLSv 1.1 on Coldfusion MX 6.1? If so how can I do it?

Any help would be appreciated.

Thanks,

Joe Klovance

Views

1.2K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Apr 28, 2017 Apr 28, 2017

Copy link to clipboard

Copied

TLS will depend on the underlying operating system as well. You will need Windows 7 / 2008 R2 to have it available.

v1.1 is available from Java 1.8 on CF10 and 1.7 on CF 11.

So no is the answer

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Apr 28, 2017 Apr 28, 2017

Copy link to clipboard

Copied

TLS 1.1 is also available on JRE 1.6.0_111. I am also talking a linux install not Windows.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Apr 28, 2017 Apr 28, 2017

Copy link to clipboard

Copied

I hate to be the party pooper, here, but unless your CF installation is strictly intranet (ie, not public-facing), then you want to seriously consider upgrading to AT LEAST CF10.

MX6 is so old that not only are you missing out on some nice features but you're also gambling with your site/app security.  While the *nix platform will help with that, a public-facing MX6 install (really anything less than CF10) could be more vulnerable to malicious activities.  Even if you use USG DoD security measures.

Just a thought.

V/r,

^_^

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Apr 28, 2017 Apr 28, 2017

Copy link to clipboard

Copied

Update to 1.6 if you can manage it but as far as Im aware its not supported.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Apr 28, 2017 Apr 28, 2017

Copy link to clipboard

Copied

It's not... and even if you do update ColdFusion 6, 7, 8 or 9 to the highest Java version and CF patch, it's pretty difficult (or impossible) to force ColdFusion/Java to use newer versions of TLS during the handshake.  For example, We were able to configure a higher TLS version in Java, but ColdFusion 9 still automatically used the lowest compatible protocol.

You may want to use CFExecute and use CURL.  It also has newer features than CFMX6's CFHTTP and is available for every OS/platform.

https://curl.haxx.se/

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Apr 28, 2017 Apr 28, 2017

Copy link to clipboard

Copied

I noted that you stated you were using Linix, not Windows... but for anyone that visits this post using Windows and ColdFusion 3.1, 4.5, 5, 6, 7, 8, 9, 10, 11 or 2016, I recommending using Abiadata's CFX_HTTP.

Adiabata, Inc. - CFX_HTTP5

FYI:  Authorize.Net plans to disable TLS 1.0 and TLS 1.1 by September 18, 2017.  This will cause problems for anyone running ColdFusion 3-9 (and potentially CF10.)   CFX_HTTP5 has a feature that enables you specify which protocols to use.  (We use SSL="5" to force all HTTP Posts to to use TLS1.2.)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 29, 2017 Apr 29, 2017

Copy link to clipboard

Copied

Movak  wrote

Is it possible to use TLSv 1.1 on Coldfusion MX 6.1?

You can answer the question yourself. The earliest version of Java to support TLS 1.1 is 1.6.0_111. So, can you get your Coldfusion MX 6.1 installation to run on Java 1.6.0_111?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 03, 2017 May 03, 2017

Copy link to clipboard

Copied

I worked it out. I had to do the following;

  1. Upgrade the curl on the server to 7.24 (had to build it)
  2. Write a temp script file with the Curl command (to get around CFHTTP issue with multiple parameters)
  3. Execute the script using CFEXECUTE

The only problem now is that the script file hangs around. I have tried to use CFFILE action="delete" but I get no errors but the file stays. The file name is the same as when I write the script.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
May 15, 2017 May 15, 2017

Copy link to clipboard

Copied

LATEST

ColdFusion likes to maintain locks on files for some weird reason.  I used to encounter the same problem when manipulating image files.

Make sure you add a UUID to the filname creating the temporary BAT file.  Execute it from a non-publicly accessible temp directory and then schedule another script to delete old files.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation