portal entry

select a category, or use search below
(searches all categories and all time range)
Title:

CF2016/2018 Datasource SSL configuration

| View in Portal
March 08, 2019 03:10:33 PM GMT
3 Comments
<p>Hello, When trying to pass EncryptionMethod=SSL in datasource conenction string, we are getting the below errors: 1- ValidateCertificate=false: “Connection verification failed for data source: CDXTEST java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unknown named group ID: 29 The root cause was that: java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: Unknown named group ID: 29” 2- ValidateCertificate=true: “Connection verification failed for data source: CDXTEST java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]SSL handshake failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested […]</p>
<p>The post <a rel="nofollow" href="https://coldfusion.adobe.com/2019/03/cf2016-2018-datasource-ssl-configuration/">CF2016/2018 Datasource SSL configuration</a> appeared first on <a rel="nofollow" href="https://coldfusion.adobe.com">ColdFusion</a>.</p>
Labels: Data Source, JDBC Connection, Question, ColdFusion, data source, jdbc connection, question

Comments:

Was this after installing CF2016 Update 8/9/10? or CF2018 Update 3? If so, they updated the macromedia_drivers.jar (CF2016) and adobe_drivers.jar (CF2018) for the database drivers as part of the hotfix. A work-around from Adobe is to copy the backed-up version of the file from the hf_updates directory back into cfusion\lib. I can provide more detail if necessary.
Comment by Benjamin Reid
1911 | March 12, 2019 12:06:00 AM GMT
And if that's not it, please confirm if in step 4 you are importing the cert into the cacerts of the jvm cf is set to use--which may not be the one in cf's jre folder. Second, confirm the jvm cf is using. Both are shown in the cf admin settings summary page, in its jvm section.
Comment by Charlie Arehart
1912 | March 12, 2019 01:27:51 AM GMT
DataSource SSL Encryption broken with CF2016 Update 8/9/10 and CF2018 Update 3:<a href="https://tracker.adobe.com/#/view/CF-4204087" rel="nofollow">https://tracker.adobe.com/#/view/CF-4204087</a>
Comment by Benjamin Reid
1914 | March 12, 2019 07:41:09 AM GMT