http://coldfusion.com logo
Join Slack
Powered by
Hi, My cfadmin is not loading on https, how can i ...
# cfml-general
m
Hi, My cfadmin is not loading on https, how can i fix it, any clues, i intsalled a new version of coldfusion 2021 on its default port 8500
r
Need more information. Are you wondering how to set it up? If so, what web server are you using? If not, what is the error you are getting?
b
My CF admin is loading on HTTPS. Just do what I'm doing.
m
CF is installed on its own and then IIS is configured using web configuration tool for websites
r
I usually create a new website in IIS pointing at an empty folder. I lock it down and add bindings for SSL and force SSL. I then use the configuration tool to add CF to it.
b
@mk You still have not provided anywhere enough information to figure out what you are doing, let alone help you. • What URL are you using to try and hit the admin? • Does that URL hit IIS or Tomcat directly? • Are you trying to hit Tomcat via SSL? • Have you modified the IIS connector config that blocks access to the CFAdmin via IIS? • What do you mean when you say "not loading"? Is there an error? A status code? A screenshot? Anything??
I can think of a great number of possible issues you may be running into, but without a clearer picture, there's just no use getting off into any of those weeds until we know what your actual issue and set up is.
r
FYI, my response is assuming you want to get to the ColdFusion administrator by going to something like https://admin.domain.com/CFIDE/administrator/
b
FWIW, I'm not making any assumptions until the OP clears up the missing details so I don't lead him down the wrong road 🙂
r
Fair point. That's why I clarified my response.
m
b
That doesn't answer any of my questions above
r
Still need more info. Do you get an error message? The answers to Brad's questions will also help.
m
yes, i get this mesage
SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
on firefox
r
Well, a quick search indicates a bad SSL certificate install and/or incorrect TLS support configured.
m
ok, i do not know how to fix this, because i never configured the servers before
b
Well, it seems you have no interest in categorically answering the questions we've told you we need before we can help you. Good Luck.
m
@bdw429s What URL are you using to try and hit the admin? http://mywebsite.com/CFIDE/administrator/index.cfm Does that URL hit IIS or Tomcat directly? Tomcat Are you trying to hit Tomcat via SSL? Yes Have you modified the IIS connector config that blocks access to the CFAdmin via IIS? No idea about, i did not changed anything What do you mean when you say "not loading"? Is there an error? A status code? A screenshot? Anything?? Error code: SSL_ERROR_RX_RECORD_TOO_LONG The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
b
> Are you trying to hit Tomcat via SSL?
Yes
Ok, that changes everything (and makes most of Rodney's advice moot).
What steps have you taken to configure the HTTPS listener in Tomcat?
It is incorrect
Also, are you SURE, it's hitting Tomcat, or are you simply desiring it to?
Because it would appear you're hitting port 443. Now while it's possible you have no HTTPS listener in IIS and you've configured Tomcat to be listening directly on port 443, it seems unlikely
Either way, that's additional information you need to provide
m
for this "What steps have you taken to configure the HTTPS listener in Tomcat?", i am not sure how to, is there a link whih i need to follow and try something on
problem is only cfadmin does not work in https, the domain works
b
i am not sure how to
So just to be clear, you haven't made any changes to Tomcat (Tomcat does NOT have an HTTPS listener configure by default.) but you think your HTTPS traffic is being served by Tomcat? Something isn't right here, and there still isn't enough information to help.
Generally speaking, if you wish for a given URL to hit Tomcat directly • that host needs to resolve to an IP address that Tomcat is bound to • that port needs to be listened to by Tomcat It is unclear if either of those conditions are met
Furthermore, if you wish for Tomcat to serve not only HTTP traffic, but specifically HTTPS traffic, you will need to • configure the HTTPS listener in the 
server.xml
file • AND have valid SSL certs configured as well. it is unclear if either of these have been done.
I would recommend Googling on how to enable HTTPS on Tomcat, though I'm really doubting if it's really what you need, or just what you think you need.
problem is only cfadmin does not work in https, the domain works
This doesn't make a great deal of sense. So long as you're hitting the cf admin over the same host and port, the SSL connection is going to be negotiated long before the request is routed anywhere or any CF code is run. An SSL error indicates an issue during the negotiation of the actual SSL connection and the path URI should not have any bearing on it.
Unless, of course, you have upstream proxies or firewalls in place enforcing rules, or forwarding requests based on URIs which you haven't told us about.
m
this says something but where i do the generate the keystore https://helpx.adobe.com/coldfusion/kb/enable-ssl-coldfusion-administrator.html
b
I'm out of time for today. Hopefully you can figure out the rest of the details on Google 🙂
m
if adobe does not show me how to do the keytool then i am not a magician to know how it will be done, the documentation from adobe is incomplete and there are not manyy forums where one can get guidance, i found this slack but it seems its the same as others
r
The keytool is a Java program, not Adobe.
b
Adobe's directions are also to create a self-signed cert which isn't really ideally. If you already own an HTTPS cert that is configure in IIS that applies to your domain, configure that cert in Tomcat. You can find many pages online showing this.
There are also a lot of pages on the internet showing how to create a self-signed cert as well, but it's a pain and I hate doing it, lol.
r
FYI, unless you changed something from the default ColdFusion install, you should not mess with Tomcat and your issue is most likely with the certificate in Windows that IIS is trying to use. If you are really trying to use Tomcat then that is beyond beginner ColdFusion knowledge and some research into Java and Tomcat would benefit you.
m
@Rodney i just installed and want to browse it using https, i changed nothing.
r
Then you have a problem with your certificate for the website. It's not a ColdFusion problem at this point and you'll need to Google the error and IIS.
m
i don't get it
why cfadmin is not loadin with https and site isloading
how it is not connected to cfadmin
anyways i think i will get an answer here, back to search and try some other ways
not much helpful
2 Views
Open in Slack
PreviousNext
Powered by