There appears to be much trouble and confusion using ColdFusion and scheduled tasks over SSL. If you Google search or check out the official Adobe forums there are numbers of threads mentioning this issue, with no process to fix or resolve this issue.
The number one suggestion and most popular solution seemed to be setting up a virtual host for localhost (basically only accepting connections from 127.0.0.1). I guess that works and you can go that route, but there is an easy solution to the SSL issue also.
In a nutshell, CFHTTP has some issues with SSL. All one has to do is add the certificates for your SSL sites that you are running your scheduled tasks against. It’s a simple 2 step process after you get the certificate.
- Copy the certificate file to the Java Runtime security folder ColdFusion is using (e.g.,/opt/coldfusion9/runtime/jre/lib/security).
- Run the key tool (in your jre bin folder) to import the certificate into the list available to ColdFusion. Here is an example, assuming you are in your jre/lib/security folder: ../../bin/keytool -import -v -alias some-name-alias-cert -file the-cert-you-copied.crt -storepass changeit -keystore cacerts
Some notes in the above keytool command:
- For the -storepass option, “changeit” is the default ColdFusion passphrase used.
- The -keystore option is referring to the file holding the list of certificates that have been imported. cacerts is a file already located in the jre/lib/security folder. If you don’t specify it will default install the certificate into your home directory, which is not accessible by ColdFusion.
I recommend you read it in full for more details.