Copy link to clipboard
Copied
Follow the steps below:
keytool -genkeypair -keystore myKeystore.p12 -storetype PKCS12 -storepass changeit -alias mycert -keyalg RSA -keysize 2048 -validity 99999
keytool -exportcert -keystore myKeystore.p12 -storepass changeit -alias mycert -rfc -file mycert.pem
<!--<Connector packetSize="65535" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />-->
The code above is commented in server.xml.
<Connector packetSize="65535" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="myKeystore.p12" keystorePass="changeit"/>
The path of the keystoreFile is the location where you'd copied the keystore. Specify the full path based on the OS.
https://hostname:8443/CFIDE/administrator/index.cfm
<!--internal webserver start <Connector packetSize="65535" port="8503" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8451"/> internal webserver end-->
If you see an error message related to SSL handshake, in jvm.config, add the argument,
"-Dcom.sun.net.ssl.enableECC=false"
Copy link to clipboard
Copied
Saurav_Ghosh will it make Coldfusion database connections SSL enabled too?
Copy link to clipboard
Copied
No, for that you need to install certificates on your DB server. The exact details will depend on your DB server software. Here's some documentation on that for MS SQL Server.
Dave Watts, Eidolon LLC