0

I have a client on MX7 who wants to migrate to CF9. I have a dev environment for them on my WinXP machine where I've configured MX7 to run with JRun's built-in web server. I've had that working for a long time with both regular and SSL connections.

I installed CF9 yesterday side-by-side with the existing MX7 install to start testing. The install was smooth and detected MX7, adjusted CF9's port numbers for no conflict, etc. Testing started well: MX7 over regular and SSL still worked and CF9 worked over regular HTTP. But I can't get CF9 to work with SSL. I installed a new certificate with keytool, FireFox (v3.6) complained about it being unsigned, I added it to the exception list, and now I get this:

Secure Connection Failed
An error occurred during a connection to localhost:9101.
Peer reports it experienced an internal error.
(Error code: ssl_error_internal_error_alert)

I've been Googling that in all variations but can't find much help to get past this. I don't see any info in any log files either. FWIW, here's my SSL config from SERVER-INF/jrun.xml:

<service class="jrun.servlet.http.SSLService" name="SSLService">
  <attribute name="enabled">true</attribute>`
  <attribute name="interface">*</attribute>
  <attribute name="port">9101</attribute>
  <attribute name="keyStore">{jrun.rootdir}/lib/mykey</attribute>
  <attribute name="keyStorePassword">*deleted*</attribute>
  <attribute name="trustStore">{jrun.rootdir}/lib/trustStore</attribute>
  <attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory</attribute>
  <attribute name="deactivated">false</attribute>
  <attribute name="bindAddress">*</attribute>
  <attribute name="clientAuth">false</attribute>
</service>

Anyone here know of any issues re setting up SSL and CF9? Anyone had success with it?

Dave

Improve this question

2 Answers 2

Reset to default
1

You have to add the following to the java.args in the jvm.config file:

-Dcoldfusion.disablejsafe=true

After this, the built-in Webserver of ColdFusion 9 will accept the SSL request on Port 9100.

Improve this answer
1
  • Kudos for answering this over 2 years later. I tested it and it works just fine. Thanks.
    – DaveBurns
    Commented Apr 4, 2012 at 18:38
0

Dave, when you say "I don't see any info in any log files either", can you clarify if you mean the [cf]/logs? They may not be helpful for this. Or do you mean you HAVE checked the [cf]\runtime\logs (or [jrun]\logs)? Those may be more valuable for info on this kind of problem. Might help to hear what they say (if they say anything) before folks start guessing at possible solutions for you.

Improve this answer
1
  • I've looked through all .log files under my CF9 install's root dir. Even the runtime\logs although I know the problem is at a different level in the stack. The logs I'm looking at mainly are in my CF/logs dir: application.log, exception.log, etc. The relevant one seems to be server.log but the strings 'ssl' and 'error' appear nowhere in it (I've also looked through it manually of course). Someone on another list pointed me to the JRun logging doc so I'll experiment with some settings there. If anyone has clues to what I should look for and where, I'm all ears. Thanks.
    – DaveBurns
    Commented Mar 7, 2010 at 15:51

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .