Hello,
I am trying to resolve an issue I’m currently having in CF2016. The issue seems to be connecting to an Informix database using a certificate which is larger (4096). Previously, using the same basic connection parameters to an older system, we had had no issues, but the cert was only 1024 in length. In moving to a different host (in a different data center), I am no longer able to connect to this data source. Same CF insatnce, same database driver.
I imported the Cert into the JVM keystone no problem. Utilizing the JVM running CF, I was able to fire up Beaver AND CONNECT to this data source using the exact same parameters I was trying to utilize in CF. So the issue seems to be specifically relate to ColdFusion. However I can’t find any resources speaking to what is going on.
Anyone have any thoughts? Please advise….
Forrest
Newbie
1 posts
Forrest, I suspect the problem is the JVM that underlies your CF 2016. It could be quite old. Have you ever updated it? If not, it could be from from early 2016 (when CF2016 was released).
Please look at the CF Admin “settings summary” page, and tell us both the CF update level (reported on the first line, such as something like 2016.0.6.xxxx), and then the JVM version (reported on about the 10th line, as something like 1.8.0_xxx).
Older JVMs did not support 4k certs out of the box. Later updates to Java 8 could, with a config change. And JVM’s beyond 8 did by default. Finally, if you are on at least CF2016 update 8, you can update to Java 11 (which would support the 4k cert).
I can help you implement the updates to CF or the JVM, safely and securely (and so that they can be reverted if needed). I shared that in a direct email to you (as we have worked together before), but I also offer that to others who may find this. More at carehart.org/consulting.
You must be logged in to post a comment.
23 Nov
10AM Pacific
Online
