Just fyi for people, several service providers will pushed hard this year for full TLS 1.2 compliance. This JVM tweak won't work with older Adobe ColdFusion versions (pre CF11).
This blog post by CFMuse helps explain the problem.. https://www.coldfusionmuse.com/index.cfm/2014/12/8/colfusion-jvm-versions-sslv3-tls The solution is to upgrade your CF servers or switch to Lucee. If you need extra time, you can switch out your cfhttp calls to use the cfx_http5 custom tag which is a C++ tag and avoids the entire problem with old CF/JVM systems. cfx_http5 https://www.coldfusionmuse.com/index.cfm/2014/12/8/colfusion-jvm-versions-sslv3-tls John ma...@fusionlink.com On 3/2/18 7:26 AM, Ajas Mohammed wrote: > Rob, > > I have not used Lucee but I believe it's java behind the scenes. > > If yes, then what's the jdk version? > > If you are on say jdk 1.8, you can add this to your > jvm.config Dhttps.protocols=TLSv1.2 . Check for other jdk also like 1.7. > > Thanks, > > > On Thu, Mar 1, 2018 at 7:50 PM Rob Saxon <saxon...@mercer.edu > <mailto:saxon...@mercer.edu>> wrote: > > CF gurus, > > We have a server with Lucee installed. Is there a way to get > CFLDAP to use TLS instead of SSL for secure connections? I am > trying to connect to an LDAP server that does not support SSL v2. > I don’t see usetls as a parameter available in CFLDAP in Lucee. > Is there a workaround? > > > > Thanks, > > Rob > > -- > <Ajas Mohammed /> > iUseDropbox(http://db.tt/63Lvone9) > http://ajashadi.blogspot.com > We cannot become what we need to be, remaining what we are. > No matter what, find a way. Because thats what winners do. > You can't improve what you don't measure. > Quality is never an accident; it is always the result of high > intention, sincere effort, intelligent direction and skillful > execution; it represents the wise choice of many alternatives.
