Knowledge Base

SSL Certificate Installation in ColdFusion 10

Installing Certificates in the Keystore

To configure SSL for ColdFusion using the keytool utility, do the following:

1. Create a certificate file

   1. Run the following command:

      cfroot\jre\bin\keytool -genkey -alias tomcat -keyalg RSA

   2. Type the details as per the instructions.

      Note: If you do not provide a password, the default password for the keystore and key is changeit. If you don’t want to use the default password, ensure that you provide the same password for the keystore and the key.

      Running this command creates a certificate.keystore in the following location:

      • Windows:

        C:\Documents and Settings\user's_directory

      • Linux:

        usr/home

2. Open the cfroot\cfusion\runtime\conf\server.xml file and search for the string Define a SSL HTTP/1.1.
3. Uncomment the connector details and update the section as follows:

4. <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"          maxThreads="150"          scheme="https" secure="true"          keystoreFile="<certificate_location>\.keystore"          keystorePass="<password>" keyAlias="tomcat" clientAuth="false" sslProtocol="TLS" />

5. Restart ColdFusion.
6. Access ColdFusion using the following URL: https://<ip-address>:8443/CFIDE/administrator

For more information about SSL configuration, see http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html.