Securing the ColdFusion 2025 Administrator is essential to protect sensitive data and ensure safe communication. One of the best ways to achieve this is by enabling SSL (Secure Sockets Layer), which encrypts traffic.
ColdFusion 2025 offers three methods to enable SSL:
1- Using an Existing SSL Certificate.
2- Creating and Configuring a New SSL Certificate.
3- Manually Generating a Certificate and Editing server.xml.
1- Using an Existing SSL Certificate:
If you have the keystore with either p12 or jks format, you can use it and configure SSL as mentioned below:
- Login to ColdFusion Admin page and Navigate to Server Setting ->SSL Certificate.
- Click on browse and select the location of keystore, enter the password and select the HTTPS checkbox and click on save button.
- Once clicking on save button it will prompt below message for restarting the server, restart the ColdFusion instance.
- Once restarted, you can access the ColdFusion through HTTPS as mentioned below: https://<Hostname>:<SSLPort>/CFIDE/administrator/index.cfm
Note: To know the SSL port of the ColdFusion instance you can check in server.xml which will be in cfusion/runtime/conf directory, check below connector configuration for SSL port.
“<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="8443" maxThreads="150" SSLEnabled="true" scheme="https" secure="true">”
2- Creating and Configuring a New SSL Certificate
- Login to ColdFusion Admin page and Navigate to Server Setting ->SSL Certificate.
Select the Create Radio button and fill in the required details
Enter “Distinguished Name” as mentioned below
CN=localhost,O=Organization,OU=OrgUnit,L=Location,ST=State,C=Country
Eg : CN=localhost,O=OrgName,OU=Sup,L=BAN,ST=KA,C=IN
Note: For Certificate Name please give the extension as .jks , you can only give .jks extension while creating the certificate from Admin page.
- Once entering the above details please click on the save button, changes will be saved and the ColdFusion instance should be restarted in order to take the changes effected.
Once restarted you can access the ColdFusion through HTTPS as mentioned here: https://<Hostname>:<SSLPort>/CFIDE/administrator/index.cfm.
Note: To know the SSL port of the ColdFusion instance you can check in server.xml which will be in cfusion/runtime/conf directory, check below connector configuration for SSL port.
“<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="8443" maxThreads="150" SSLEnabled="true" scheme="https" secure="true">”
3- Manually Generating a Certificate and Editing server.xml
- Create Keystore using keytool command , refer to the below link for creating Keystore.
- Take a backup of server.xml under /{ColdFusion2025-Home}/cfusion/runtime/conf directory , uncomment and edit the SSL Connector configuration.
“ <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="8443" maxThreads="150" SSLEnabled="true" scheme="https" secure="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="certificateFilePath" certificateKeystorePassword="certificatePassword" type="certificateAlgorithm" />
</SSLHostConfig>
</Connector>-->”
Eg: Sample Connector config after editing SSL configuration
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="8443" maxThreads="150" SSLEnabled="true" scheme="https" secure="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="C:ColdFusion2025cfusion/runtime/conf/TestCert.jks" certificateKeystorePassword="Welcome@1234" type="RSA" />
</SSLHostConfig>
</Connector>
- Once changing, restart the ColdFusion instance and you can access the ColdFusion Admin through SSL.
Guide
6 posts
You must be logged in to post a comment.
22 Sep 2025
Las Vegas, NV
