I just published blog posts today on how to prevent ColdFusion from falling back to SSLv3 with CFHTTP.
http://www.trunkful.com/index.cfm/2014/12/8/Preventing-SSLv3-Fallback-in-ColdFusion http://www.coldfusionmuse.com/index.cfm/2014/12/8/colfusion-jvm-versions-sslv3-tls Enjoy! Wil Wil Genovese Sr. Web Application Developer/ Systems Administrator CF Webtools www.cfwebtools.com [email protected] www.trunkful.com On Nov 19, 2014, at 6:49 PM, Russ Michaels <[email protected]> wrote: > > were on CF9 > > On Thu, Nov 20, 2014 at 12:16 AM, Wil Genovese <[email protected]> wrote: > >> >> This is the Adobe bug report about Solr breaking with Java 1.7.0_51 and >> higher when sandboxes are enabled. This was just fixed in Update 14 for >> CF10. >> >> >> >> >> Wil Genovese >> Sr. Web Application Developer/ >> Systems Administrator >> CF Webtools >> www.cfwebtools.com >> >> [email protected] >> www.trunkful.com >> >> On Nov 19, 2014, at 4:28 PM, Russ Michaels <[email protected]> wrote: >> >>> >>> no I haven't seen it, I even emailed Adobe about it directly and got no >>> reply >>> >>> On Wed, Nov 19, 2014 at 9:49 PM, Michael Grant <[email protected]> wrote: >>> >>>> >>>> I appreciate your feedback Russ. Thank you. From what I've read there >> does >>>> seem to be a fix to the broken SOLR collections. Have you seen this? >>>> >>>> On Wed, Nov 19, 2014 at 10:20 AM, Russ Michaels <[email protected]> >>>> wrote: >>>> >>>>> >>>>> if you are on a shared server then it would be an issue for others who >>>> are >>>>> using SOLR, which would then require the host to roll back to 1.6, >> which >>>>> would then cause your problem again. >>>>> Judging by the fact that you said you had to convince them to do this, >> I >>>>> assume it is a shared server, otherwise you would have been free to do >> it >>>>> yourself had it been your own server. >>>>> Thus why I am suggesting you check this rather than just dismiss it >>>> because >>>>> it doesn't affect you, as when on a shared server you have to consider >>>>> everyone. >>>>> >>>>> >>>>> On Wed, Nov 19, 2014 at 12:24 AM, Michael Grant <[email protected]> >> wrote: >>>>> >>>>>> >>>>>> Hi Russ, I don't use SOLR so this isn't an issue for my use case. >>>>>> >>>>>> >>>>>> On Tue, Nov 18, 2014 at 11:57 AM, Russ Michaels <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> >>>>>>> did you check if SOLR still works after the upgrade ? >>>>>>> >>>>>>> >>>>>>> On Tue, Nov 18, 2014 at 3:00 PM, Michael Grant <[email protected]> >>>>> wrote: >>>>>>> >>>>>>>> >>>>>>>> I finally have an update here. After much back and forth and having >>>>> to >>>>>>>> REALLY make a case for why I was able to convince Newtek to update >>>>>> their >>>>>>> CF >>>>>>>> servers to run Java 1.7 instead of 1.6. This had an immediate >>>>> positive >>>>>>>> result and the SSL handshake was able to proceed properly with TLS. >>>>>>>> >>>>>>>> Thanks to all that helped. >>>>>>>> >>>>>>>> Mike >>>>>>>> >>>>>>>> On Sat, Nov 1, 2014 at 3:42 PM, Michael Grant <[email protected]> >>>>> wrote: >>>>>>>> >>>>>>>>> >>>>>>>>> Just a heads up to everyone, I'm still waiting to hear back from >>>>>> Newtek >>>>>>>>> about whether they've reimported the certs and CA cert again. >>>> Once >>>>> I >>>>>>> have >>>>>>>>> some news I'll post back. Thanks again everyone for your >>>> guidance. >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>> >>>> >>> >>> >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:359773 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
