Enabling SSL on the ColdFusion 8 built-in web server
This tutorial assumes default install location for ColdFusion 8 on Windows XP.
The first thing you need to do is to create a keystore. This can be done with the keytool utility. I used the one that is part of ColdFusion 8.
Open a command prompt.
Execute the following command:
cd C:\ColdFusion8\runtime\jre\bin
Create the keystore with this command:
keytool -genkey -dname "cn=127.0.0.1, ou=CF, o=cfchimp, L=Decatur, ST=GA, C=US" -keyalg rsa -keystore mykey
If you have previously configured a keystore you might run into this error:
keytool error: java.lang.Exception: Key pair not generated, alias already exists
If you got the “already exists” error run this command to list the keystores:
keytool -list -v | more
If you got the “already exists” error run this command to delete the keystore:
keytool -delete -alias mykey
If you got the “already exists” error re-run the command to create the keystore.
Enter in a password when prompted (2 times)
Move the keystore file (mykey) to C:\ColdFusion8\runtime\lib\
Edit the config file C:\ColdFusion8\runtime\servers\coldfusion\SERVER-INF\jrun.xml with an xml editor of choice. This file is VERY sensitive so be sure to not screw up the syntax of it. You should probably make a copy of it before you edit it.
<!-- Uncomment this service to use SSL with the JRun Web Server
Note that you MUST create your own keystore before using this service -->
<service class="jrun.servlet.http.SSLService" name="SSLService">
<attribute name="enabled">true </attribute>
<attribute name="interface">* </attribute>
<attribute name="port">9100 </attribute>
<attribute name="keyStore">{jrun.rootdir}/lib/mykey </attribute>
<attribute name="keyStorePassword">mypassword </attribute>
<attribute name="trustStore">{jrun.rootdir}/lib/trustStore </attribute>
<attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory </attribute>
</service>
Restart the ColdFusion8 application service.
Create a test page in the ColdFusion 8 wwwroot and opening it in a web browser using: https://127.0.0.1:9100/testpage.cfm
You should be good to go.
REFERENCES:
For some keytool commands: http://www.instantssl.com/ssl-certificate-support/server_faq/ssl-server-certificate-java.html
Adobe instructions: http://www.adobe.com/support/coldfusion/using/ssl_with_cf_web_server/ssl_with_cf_web_server03.html
October 13th, 2011 at 4:13 pm
fwiw I had trouble getting this to work: http://superuser.com/questions/346332/enabling-ssl-on-the-coldfusion-8-built-in-web-server
October 13th, 2011 at 4:30 pm
Do other browsers also give an error or just chrome? Did you try a solution like this: http://tinyurl.com/2wx4tq6?
October 13th, 2011 at 4:45 pm
Yeah, FF is giving me this error:
“Secure Connection Failed
An error occurred during a connection to 127.0.0.1:9100.
Peer reports it experienced an internal error.
(Error code: ssl_error_internal_error_alert)”
October 13th, 2011 at 4:45 pm
http://tinyurl.com/2wx4tq6? dnw
October 13th, 2011 at 4:46 pm
I mean I cannot see http://tinyurl.com/2wx4tq6? it’s a 404
October 13th, 2011 at 11:25 pm
http://roezer.com/LostBlog/error-neterr_ssl_protocol_error/
Or
http://www.google.la/support/forum/p/Chrome/thread?tid=49d82ba83240f21d&hl=en