DH handshake issue with web service using ColdFusion 7 and 8 after java 8 update

New Here ,
Apr 14, 2016 Apr 14, 2016

Copy link to clipboard

Copied

ColdFusion 7 and 8 are bundled with a variant of JRE1.6.

I have a script which has successfully consumed a web service for years.  Last week, the provider of the web service updated their version of Apache and Java on the server to java 1.8 (or java 8).

I could no longer consume the web service after the web service provider upgrade of Apache and Java and would receive the following DH keypair error each time I try to consume the service:

-----------------

AxisFault

faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException

faultSubcode:

faultString: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair

faultActor:

faultNode:

faultDetail:

{http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1554)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1537)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1130)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)

at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)

at org.apache.axis.transport.http.HTTPSender.getSocket(HTT... ''

-----------------

I asked the web service provider why this would stop working and how we can fix it.  They suggested I upgrade to the latest version of Java on my server running ColdFusion.  I did some research and found the problem to be with the amount of memory allocated to the variable containing the encryption key.

The big problem is when I tried to upgrade java on this particular server (Windows Server 2003), the install returned a messaged stating it couldn't run on the older OS and I would need to upgrade my OS in order to install java.

Does anyone have a workaround in ColdFusion 7 or 8 by which you can establish the DH handshake using Java 1.6 on your local server while consuming a web service on a server using Java 1.8?

Views

924

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct Answer

LEGEND , Apr 14, 2016 Apr 14, 2016
Hi, frank000000‌,I know that we've had some serious issues with any Java 7 after update 25.  They turned off a lot of network permissions and other things, as a security measure, that used to be available in versions prior to update 25.  But that was when we were running CF Server 9.Ever since we upgraded to CF Server 10 (making sure that we got the CF installer that came with Java 8), we've had very few issues relating to Java.It seems odd, to me, that the host upgrading to 1.8 while your serve...

Likes

Translate

Translate
LEGEND ,
Apr 14, 2016 Apr 14, 2016

Copy link to clipboard

Copied

Hi, frank000000‌,

I know that we've had some serious issues with any Java 7 after update 25.  They turned off a lot of network permissions and other things, as a security measure, that used to be available in versions prior to update 25.  But that was when we were running CF Server 9.

Ever since we upgraded to CF Server 10 (making sure that we got the CF installer that came with Java 8), we've had very few issues relating to Java.

It seems odd, to me, that the host upgrading to 1.8 while your server is at 1.6 would cause any problems.  It very well could be something else.  I'd ask the host provider for documentation outlining exactly how/why their 1.8 could cause interference with your 1.6.

HTH,

^_^

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 16, 2016 Jun 16, 2016

Copy link to clipboard

Copied

Updating ColdFusion fixed the issue.  Thanks.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Jun 16, 2016 Jun 16, 2016

Copy link to clipboard

Copied

LATEST

Glad to hear it!  I wish more issues were so easily corrected with just a simple update.  Amiright?    And thank you for marking my answer as correct.  I do appreciate it.

V/r,

^_^

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines