Copy link to clipboard
Copied
Hello,
I have an existing/working CF10-SQL 2008 DataSource that I need to make encrypted. I have added the following connection string to the advanced setting of the DSN:
EncryptionMethod=SSL; trustStore=C:/ColdFusion10/jre/bin/cacerts; trustStorePassword=PASSWORD; ValidateServerCertificate=true;
The SSL certificate for the SQL server was issued with the FQDN and resides on the SQL and ColdFusion servers and was loaded in to the CF certificate store.
When verifying the DSN, I receive the following error:
Connection verification failed for data source: TestSSLDSN
java.sql.SQLNonTransientConnectionException: [Macromedia][SQL Server JDBC Driver] SSL Handshake failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Any assistance would be greatly appreciated. Thanks!
Copy link to clipboard
Copied
trustStore=C:/ColdFusion10/jre/bin/cacerts;
Shouldn't that be: trustStore=C:/ColdFusion10/jre/lib/security/cacerts;
Copy link to clipboard
Copied
Yes but I just missed it here in my post, the connection string in the DSN has the correct path.
I have validated the connection string by purposely changing the truststore and password values to confirm neither are the issue.
Thank you but that's not it. 😞
Copy link to clipboard
Copied
What about including the flag HostNameInCertificate? I would also check that the Java versions are consistent.
Copy link to clipboard
Copied
Ok, finally got a chance to try adding the HostNameInCertificate value identifying the full name of the SQL certificate to the CF connection string but that didn't help either.
Also, Java isn't allowed on either server; is that an issue even if I'm using the SQL Server DSN driver?
Copy link to clipboard
Copied
The certificate check requires Java.