Coldfusion 2016 CFHTTP can’t connect to API that uses TLS 1.2
I have a site running CF2016 (yes I know we need to upgrade just no time right now). Trying to connect to an API using CFHTTP and consistently get ssl handshake errors. Also tried using apache java httpclient directly and same issue. Not sure how I can force httpclient to use TLS 1.2?
Note that I connect to this API with no issues using JQuery ajax
Also works using my dev server running CF 2023
Tried the old bolthttp cfc but it also fails and does not seem to allow selecting the TLS protocol
Details:
ColdFusion 2016 Update 12 (will try updating to version 17 tonight in case that makes a difference)
Java version: 1.8.0_112
JVM setting: -Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1 Also tried -Dhttps.protocols=TLSv1.2
If possible I need to get this working asap without upgrading CF to 2023 as doing this will require tons of testing to see what gets broken by the upgrade. Does anyone have any hints or tips on what else I can try? If not I will probably set up a node server to use for the API calls but not the best solution.
Newbie
1 posts
You need to update your java. That 1.8.0_112 is 8 years old. Any of the 32 updates to Java 8 since the could fix this. See my blog post, https://coldfusion.adobe.com/2019/06/error-calling-cf-via-https-solved-updating-jvm/
I’d written a LOT more here , but the forum somehow lost it. Grr.
I’ll leave it at that. Let me know if you need more detail.
Same with if you’d like me to break into your cf server to show why you don’t want to remain on cf2016. Not a joke.
You must be logged in to post a comment.
23 Nov
10AM Pacific
Online
