Because of a code mistype I accidentally removed the "JsafeJCE" cert provider from my ColdFusion 9 server. Is there any way to restore it? If yes, how?
Server and ColdFusion service have been restarted without a result.
While I Googled the problem I've read that in ColdFusion 9 Enterprise I just have to restart the ColdFusion service. But this didn't help. The provider is gone when I try to access it using:
<cfset local.objSecurity = createObject("java", "java.security.Security") />
<cfdump var="#local.objSecurity.getProviders()#">
It is ColdFusion 9 Standard on a Windows Server 2008 R2. The JRE is 1.6.0_17.
Thank you in advance.
The source of the problem was that I wasn't able to make a cfhttp request using https. So I tried a possible solution found on the web and mistyped the code. It suggested to remove the bugged ssl provider, run the request and reinsert the provider back to the jvm. Because it seems I've deleted the JsafeJCE provider from my native CF9 JRE I had to solve it in another way.
I now solved it, updating the server to JDK1.7.0_79. Now the cfhttp works fine with https.
Doing that you have to change the JRE path in the jvm.config (located in {CF9_installpath}/runtime/bin) to the new jre directory of the JDK1.7.0_79 directory.
The last step is to copy the msvcr100.dll from the new JDK's bin directory to your Cold Fusion's jre directory.
If anyone is interested in a step by step tutorial for updating the underlying JRE in Cold Fusion 9, please let me know.
Related
I have a ASP.NET Core with Blazor website and I want to deploy it to Arvixe host. The website is very simple and contains only UI elements no database required. I published the website to a local file system and uploaded it using FTP to the Plesk.
When I am visiting the website, I receive this error:
500 - Internal server error. There is a problem with the resource you
are looking for, and it cannot be displayed.
I have tried to run it on the IIS and I received more details:
Configuration The configuration file cannot be read due to
insufficient permissions.
I tried to add IIS_IUSRS to the group and users for web.config but I am not able to find it because I am using a windows 10 connected to active directory.
Besides, I still don't know how to solve this problem at Arvixe. Does anyone know tips might help?
500 internal error is generic issue. Please kindly check the error message on the server and paste it here. Make sure that your provider has installed .net core bundled on their server and here are tutorial about publsih .net core using plesk https://windowswebhostingreview.com/how-to-publish-using-web-deploy-with-plesk-control-panel/. It should be working fine.
You need to give Full Trust permission (Read-Write-Execute) to your application folder and also to Application Pool and also check if the Runtime version supported by Arvixe matches with your Asp.net Core version.
Also enable the logs in web.config file by setting stdoutLogEnabled="true" to get detailed error so that you can investigate more about the error.
For many months, my OAuth2 routine has been working perfectly. The OAuth2 routine creates new tokens so that I can carry out API operations.
Suddenly, a week ago, I started getting the following error:
Charset [empty string]
ErrorDetail I/O Exception: peer not authenticated
Filecontent Connection Failure
Header [empty string]
Mimetype Unable to determine MIME type of file.
Responseheader
struct [empty]
Statuscode Connection Failure. Status code unavailable.
Text YES
I am using Coldfusion 10 and I have not changed anything in my testing environment for several months, so the change must have come from PayPal's end.
I am using the following http call:
<cfset clientid = "***">
<cfset secret = "***">
<cfhttp method="post" url="https://api.sandbox.paypal.com/v1/oauth2/token" result="result">
<cfhttpparam type="header" name="Content_Type" value="application/json">
<cfhttpparam type="formfield" name="grant_type" value="client_credentials">
<cfhttpparam type="header" name="Authorization" value="Basic #ToBase64(clientid & ":" & secret)#">
</cfhttp>
Can anyone help me to solve how this problem?
Okay I had exactly the same issue with connecting to the new PayPal REST APIs and the reason behind the error is the migration from Verisign G2 Root certificate (which PayPal no longer supports) and the move to SHA-256 algorithm and Verisign G5 signed certificates.
The confusion comes in that Coldfusion 10 and Coldfusion 11 already have the cacerts in the ColdFusion Truststore so why is it still not working?
After hours of trying and searching, I discovered the certificate issue lies in the JRE folder, not ColdFusion. That quickly led me to upgrade ColdFusion to run on the latest version of Java JDK 1.8_101 (my test server was running on JVM 1.7 and the production server was on 1.8_25 (so I upgraded both and the code ran (which was similar to Charles code in the original post).
So here are the simple steps:
Upgrade ColdFusion to the latest update from ColdFusion Administrator
Install the latest Java JDK (currently 1.8_101) and remember where you install it
Go back into ColdFusion Administrator and go to Java and JVM under Server Settings and point the JVM to the JRE folder in the new JDK e.g. /{JDK_home}/Contents/Home/jre folder and then restart ColdFusion.
The PayPal oAuth2.0 will work again! (At least it did for me). I hope this helps someone save hours of frustration and be reassured that the latest PayPal REST API does work with ColdFusion (even if they don't provide an example - I am working on submitting it to PayPal via Github shortly).
Just to let everyone know, once I installed CF11, the PayPal token was issued without a problem. Obviously, the CF11 cacerts and security providers are compatible. Now, I must try and sort out Railo, which could be more difficult, as I am on Railo 4. I will try updating Railo to its most recent 4+ version...
Update:
To get this to work on Railo, you need to do a clean install of Lucee 4.5 [Railo 4.2 successor]. DO NOT UPDATE FROM RAILO TO LUCEE BY MOVING .JARs. I repeat you need to carry out a clean install of Lucee 4.5:
http://lucee.org/downloads.html
I then came across an issue with the BonCode adapter.
If you get the following error from IIS:
IIS Handler "BonCode-Tomcat-CFM-Handler" has a bad module
Check your IIS Application Pools. In the Application Pool, click on "Basic Settings" on the panel to the right. If the .NET Version is 2.0.0 change it to 4.X and save the change.
TIP:
Make sure your web.config file has the following setting to view this error:
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed"/>
</system.webServer>
</configuration>
This should save you a week's work:)
Good luck all!
I am trying to install a PHP Java Bridge as per the instructions on http://php-java-bridge.sourceforge.net/pjb/index.php on Windows 7
I have PHP working fine on via IIS installed at c:\php
I copied the JavaBridge.war to c:\php which proved to get a good result from the test (running from c:\php)
java -classpath JavaBridge.war TestInstallation
I installed Tomcat 7 and copied the JavaBridge.war to webapps, which the service extract automatically and I am able to get the expected result from
http://localhost:8080/JavaBridge/
All Ok Great!
However when I do the same with the JavaBrigdeTemplate621.war, the browser
http://localhost:8080/JavaBridgeTemplate621/
returns an error
HTTP Status 500 - php.java.bridge.http.FCGIConnectException: Could not connect to server
I have not included the whole page as its very verbose, but the last root cause entry is
root cause
java.io.IOException: PHP not found. Please install php-cgi. PHP test command was: [php-cgi, -v]
php.java.bridge.Util$Process.start(Util.java:1145)
php.java.servlet.fastcgi.FCGIProcess.start(FCGIProcess.java:68)
php.java.bridge.http.NPChannelFactory.doBind(NPChannelFactory.java:94)
php.java.bridge.http.FCGIConnectionFactory.runFcgi(FCGIConnectionFactory.java:88)
php.java.bridge.http.FCGIConnectionFactory$1.run(FCGIConnectionFactory.java:109)
I've tried restarting IIS as well as Tomcat several times
What am I missing (It's Hot and it's Friday ....)
I notice that
\webapps\JavaBridgeTemplate621\WEB-INF\cgi\x86-windows
has a text file called php-cgi.exe.MISSING.README.txt
where as
\webapps\JavaBridge\WEB-INF\cgi\x86-windows
has php-cgi.exe, php5ts.dll and php.ini
Is there another manual step required to get those in there not documented in the instructions?
Not reading the instructions clearly enough. I missed that you should copy the automatically created folder (from war) into the IIS web apps folder. I was trying use Tomcat as the HTTP server instead of IIS. Once I copied them to IIS and accessed via default port 80 (not 8080) it worked fine.
Hope my conversation with myself is of benefit to someone else
Wcf extension is working fine on local iis. however,when i deployed it on windows server 2008, I got the following errors.
An error occurred creating the configuration section handler for system.serviceModel/behaviors: Extension element 'ErrorHandlerExtension' cannot be added to this element. Verify that the extension is registered in the extension collection at system.serviceModel/extensions/behaviorExtensions.
I left a space after each comma, but it did not work.
Pls give me some insight.
In general this could be caused by one of the following problems:
A difference in the configuration file between local iis and server
The dll containing the extension was not deployed to the server
The rights of the identity of the app pool on the server are limited
the solution for this case that I have solved : microsoft netframework version compatible. when I was installed the netframework 4.5 the problem has solved.
I have a simple cfhttp request (a login) going out to an SSL server:
<cfhttp url="https://www2.[domain].com/api/user/login" method="POST" port="443" >
<cfhttpparam type="formfield" name="username" value="[username]" >
<cfhttpparam type="formfield" name="password" value="[password]" >
</cfhttp>
The request fails before it begins, and the ColdFusion server says:
I/O Exception: peer not authenticated
Both development environments work smashingly. They receive the login session and then hand that to the collector process which successfully taps the remote web service for data.
After I spent a day trying to get the correct certificate into the ColdFusion stores, I had the bright idea to actually compare them to the working development environments. I looked at them (keytool -list), and they are identical.
Now that the obvious is absolved the questions I'm left with are twofold:
Is there some other certificate repository I need to check, or alternately, is there a place where I can get ColdFusion to tell me what certificate repository it needs to find the certificate IN (on the off chance it can and has been altered) or if that is even possible.
Identify and correct else could be causing this.
Are the development and production environments the same? Are they all, for example, ColdFusion 9 Standard or ColdFusion 8 Enterprise?
In my experience, this error is usually caused by one of two things:
The administrator failed to install the certificate into the cacarts repository, or they installed it into the wrong one.
ColdFusion Enterprise and ColdFusion Developer edition (for ColdFusion 8 and ColdFusion 9 both, I believe) have an issue with the built-in BSafe CryptoJ library that is installed and certain types of certificates (I have not yet been able to determine a pattern) that causes this error. There are some workarounds if this is the case.
First, I would explore the possibility that you are importing into the wrong certificate repository. It can be hard to tell which repository is being used. In your CF Admin under "Setting Summary" you should be able to find the location of the JRE that is being used. It is listed under "Java Home". Take that directory and add lib/security to the end of it and that should be the location of the cacaerts file that is being used. I say should because I have seen at least one weird situation where it was not.
I HAD the same problem and I tried everything and can't fix it. Strange is that everything worked fine then suddenly stopped working. It might be a Java update on the server causing the problem or a change of the certificate from the website the CFHTTP is trying to access.
Anyway, here is a link I setup for a "demo" of this problem:
http://www.viaromania.eu/https.cfm
As you can see, I am trying to access a HTTPS service using CFHTTP tag. And it is not working. I deleted the certificate from C:\ColdFusion9\runtime\jre\lib\security\cacerts, generated a new one from the website URL, imported back, installed "certman" under CFID/admministrator, checked the certificate, it's there... and it's listed in my test page.
If you scroll to the bottom of my test page, you'll see a similar CFHTTP to https://www.google.com and this works fine, even if there is no certificate installed on the server.
It is important to mention that the request is working just perfect on my development machine, and here I also don't have any certificate installed...
AND THIS HOW I FIXED IT
1. Updated ColdFusion 9.0.2 with this - https://helpx.adobe.com/coldfusion/kb/cumulative-hotfix-1-coldfusion-902.html
2. Installed Java JDK 1.7.0_79 from here http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html
3. Changed the Java Home in ColdFusion Administrator / Server Settings → Java and JVM from "C:\ColdFusion9\runtime\lib\jre" to "C:\Program Files\Java\jdk1.7.0_79\jre"
That's it. I don't know if it uses any certificate or not. They were installed in the "C:\ColdFusion9\runtime\lib\jre\lib\security\cacerts" and not moved from there or anything.