House of Fusion
Search over 2,500 ColdFusion resources here
  
Home of the ColdFusion Community

Mailing Lists
Home /  Groups /  ColdFusion Talk (CF-Talk)

Need built-in JWS SSL help

  << Previous Post |  RSS |  Sort Oldest First |  Sort Latest First |  Subscribe to this Group Next >> 
Top  |   Reply  |   Original Post  |   RSS Feed  |   Subscribe to this Group
Author:
Matthew Williams
03/06/2008 11:19 AM

So, it has come to my attention that I need to start encrypting the traffic that I send to the CFadmin (and I must use the JRun admin for my sites, they're all clustered and this is the only way to ensure you're looking at the correct server).  I found this article by Bruce from '05, http://www.bpurcell.org/blog/index.cfm?mode=entry&entry=1064.   It works great... provided I'm using an older JRE.  As soon as I try this on CF8 with JRE 1.6, it bombs out with a communication error.  I've got EAR files of 6.1, 7.0.2, and 8 loaded on the same JRun install. When I run 7 and 8 on JRE 1.4.2, I can view the site fine over SSL.  As soon as I switch CF8 to the latest JRE, no go.  This is going to become extremely problematic for my in the very near future.  Anyone have thoughts?  Otherwise, I'm going to be burning a service request at Adobe. Matthew Williams Geodesic GraFX www.geodesicgrafx.com/blog

Top  |   Parent  |   Reply  |   Original Post  |   RSS Feed  |   Subscribe to this Group
Author:
James Holmes
04/17/2008 01:25 AM

Did you ever get anywhere with this? I've just hit exactly the same problem. On Thu, Mar 6, 2008 at 11:43 PM, Matthew Williams <mailme@geodesicgrafx.com> wrote: > So, it has come to my attention that I need to start encrypting the traffic that I send to the CFadmin (and I must use the JRun admin for my sites, they're all clustered and this is the only way to ensure you're looking at the correct server).  I found this article by Bruce from '05, http://www.bpurcell.org/blog/index.cfm?mode=entry&entry=1064.   It works great... provided I'm using an older JRE.  As soon as I try this on CF8 with JRE 1.6, it bombs out with a communication error.  I've got EAR files of 6.1, 7.0.2, and 8 loaded on the same JRun install. When I run 7 and 8 on JRE 1.4.2, I can view the site fine over SSL.  As soon as I switch CF8 to the latest JRE, no go.  This is going to become extremely problematic for my in the very near future.  Anyone have thoughts?  Otherwise, I'm going to be burning a service request at Adobe. > > >  Matthew Williams >  Geodesic GraFX >  www.geodesicgrafx.com/blog -- mxAjax / CFAjax docs and other useful articles: http://www.bifrost.com.au/blog/

Top  |   Parent  |   Reply  |   Original Post  |   RSS Feed  |   Subscribe to this Group
Author:
Matthew Williams
04/17/2008 10:05 PM

Other than some occasional thoughts, no.  I'm pretty sure we're going to be screwed on this one as it points more toward being a JVM issue opposed to a ColdFusion issue.  Looking over some of the 1.6 info, it looks like SSL underwent some major revamping.  I'm curious to see what would happen if a Verisign cert were used instead of a self signed cert... but all of the machines that I do have Verisign certs for are "production" servers and many bad things (TM) would befall should one of those machines have issues whilst I'm testing. Matthew Williams Geodesic GraFX www.geodesicgrafx.com/blog

Top  |   Parent  |   Reply  |   Original Post  |   RSS Feed  |   Subscribe to this Group
Author:
James Holmes
04/17/2008 10:28 PM

It's a JVM issue - I installed JDK 1.5_13 and it works fine. This isn't so bad right now, since the classloader bugs in Java 6 mean I'm not keen to use it with CF8 anyways, but when that's finally fixed and we want to go up to 6 again, this will be a real pain. ----- Excess quoted text cut - see Original Post for more -----

Top  |   Parent  |   Reply  |   Original Post  |   RSS Feed  |   Subscribe to this Group
Author:
Matthew Williams
04/17/2008 10:41 PM

Yep, that's exactly where I'm at with this ;).  I even tried creating the self signed cert under the various JVMs (thinking it may be a SSL v3 issue), but I think it may actually be a TLS issue.  But, those are really just buzz words to me.  I don't have a lot of free time to develop a good working relationship with SSL or the JVM.  Guess it's time to burn that support money.  Though, it may have to wait until next week. Matthew Williams Geodesic GraFX www.geodesicgrafx.com/blog


<< Previous Thread Today's Threads Next Thread >>

Search cf-talk

October 31, 2014

<<   <   Today   >   >>
Su Mo Tu We Th Fr Sa
       1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31   

Designer, Developer and mobile workflow conference