Charlie, Thanks for the quick response. Ok I'll put that as an option. The only thing is I saw lots of people saying do this at your own risk. But it does make me feel a bit more comfortable when you suggested that.
On Wed, Feb 15, 2017 at 11:50 AM, charlie arehart < [email protected]> wrote: > Just go ahead and run CF9 with Java 8. No, it’s not “supported”, but CF9 > hasn’t been “supported” since 2012, so just go for it. Test things, watchin > things. It’s worked find for many. > > > > /charlie > > > > *From:* [email protected] [mailto:[email protected]] *On > Behalf Of *Xiaofeng Liu > *Sent:* Tuesday, February 14, 2017 06:43 PM > *To:* [email protected] > *Subject:* [cfaussie] Is it even possible to get CF9.0.2 with JDK 1.7 to > support TLS1.2? > > > > Hi folks, > > > > I know this sounds crazy. A web service API we securely connect to is > going to disable TLS 1.0 and 1.1 due to the new SSL security standards. > > > > I got a CF9.0.2 box with update level /updates/chf9020001.jar applied. It > also got java home switched to JRE under JDK 1.7. So it used to work > without any issue until recently some changes made to the API testing > environment and I got javax.net.ssl.SSLHandshakeException error during > hand-shake. > > > > Tried following this article below to set -Dhttps.protocols=TLSv1.2, > TLSv1.1,TLSv1: > > > > https://www.trunkful.com/index.cfm/2014/12/8/Preventing-SSLv3-Fallback-in- > ColdFusion > > > > What I have also done is to import the whole chain of the API certificates > into the keystore under the java in use. > > > > However, just like the author of the above article mentioned, it can never > go beyond TLSv1 when I make connection to the API. > > > > jrpp-1, WRITE: TLSv1 Handshake, length = 186 > > ........ > > jrpp-1, received EOFException: error > > jrpp-1, handling exception: javax.net.ssl.SSLHandshakeException: Remote > host closed connection during handshake > > jrpp-1, SEND TLSv1 ALERT: fatal, description = handshake_failure > > jrpp-1, WRITE: TLSv1 Alert, length = 2 > > ........ > > jrpp-1, IOException in getSession(): javax.net.ssl.SSLHandshakeException: > Remote host closed connection during handshake > > > > My understanding is CF9 has reached EOL and it does not officially support > JDK 1.8 so that does not seem to be an option either. > > > > So I would like to reach out to see if anybody ever got this working on > CF9 or the only option is to upgrade CF to 11? > > > > I appreciate any thoughts on this. > > > > -- > > Thanks, > > Xiaofeng, > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/cfaussie. > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/cfaussie. > For more options, visit https://groups.google.com/d/optout. > -- Best regards, Xiaofeng,^_^ -- You received this message because you are subscribed to the Google Groups "cfaussie" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/cfaussie. For more options, visit https://groups.google.com/d/optout.
