The SSL handshake handled by the JVM (though there might be some config that takes place in the CF engine, not sure), Java 6 supports only TLS 1.0, java 7 adds support for TLS 1.1 and 1.2. The actual crypto parts of it is handled by the JCE (java cryptography engine) which if you are running Enterprise is RSA Bafe CryptoJ.
That other thing that comes into play is the SSL cipher suite support, so it is possible that the JVM and the server cant' find a protocol and cipher suite that they both support. There are also some JVM arguments you can use to tell the JVM which protocols to use, here is the reference doc for Java7: http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#Customization you might try setting -Dhttps.protocols=TLSv1 not sure if that will help, I think the CF engine *may* overrides the property (in some versions of CF). -- Pete Freitag - Adobe Community Professional http://foundeo.com/ - ColdFusion Consulting & Products http://hackmycf.com - Is your ColdFusion Server Secure? http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10 minutes On Thu, Oct 30, 2014 at 9:07 PM, Michael Grant <[email protected]> wrote: > > I'll try that with them, thank you SO much. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:359548 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
