Coldfusion 11, standalone server, SSL

Question

I am running CF11 developer edition using the standalone (tomcat) server on Mac OSX. I need to configure it so that it serves sites over SSL.

So far I have followed these instructions (https://helpx.adobe.com/coldfusion/installing/installing-the-server-configuration.html, section on Configuring Secured Socket Layer (SSL)) but a can't locate the .keystore file that is supposedly generated.

I have googled the hell out of this but there doesn't appear to be a simple end-to-end instruction on how to set this up.

Can anyone help?

Answer 1

I found a solution using a combination of these two pages:

• Configuring Secured Socket Layer (SSL)
• Enabling SSL on the ColdFusion MX built-in web server

Here's what worked for me on Mac:

To generate the keystore file, open terminal and navigate to here:

cd /Applications/ColdFusion11/jre/Contents/Home/jre/bin

Then run this command:

keytool -genkey -alias tomcat -dname "cn=127.0.0.1, ou=CF, o=[Your organisation name], C=[your two-letter country code]" -keyalg RSA -keystore keystore

Enter a password when prompted and keep it safe. This generates a keystore file in /Applications/ColdFusion11/jre/Contents/Home/jre/bin

Then edit the /Applications/ColdFusion11/cfusion/runtime/conf/server.xml file. Locate the SSL connector part, uncomment it and alter it as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 
       maxThreads="150" scheme="https" secure="true" 
       keystoreFile="/Applications/ColdFusion11/jre/Contents/Home/jre/bin/keystore" 
       keystorePass="[your keystore password]" 
       keyAlias="tomcat" 
       clientAuth="false" 
       sslProtocol="TLS" />

Then restart ColdFusion.