http://coldfusion.com logo
#cfml-general
Title
# cfml-general
t

Tim

03/23/2022, 2:53 PM
I've got a weird one today. If I run the following code in Coldfusion 2021 on my server, I get a broken image. If I run the same code on CF2018, it displays the image as expected. If I run this code in cffiddle (trycf doesn't support cfcdocument) on CF2021, it works fine. If I switch out the image url for a different one (

https://upload.wikimedia.org/wikipedia/commons/3/3a/Cat03.jpg

), it works fine on my server. If I download the original image, and put it at a different URL, it also works fine. Does anyone have any thoughts on how to debug this problem?
Copy code
<cfdocument format="pdf">
	<img src="<https://issc.asu.edu/sites/default/files/2022-03/Letterhead%20header.jpg>">
</cfdocument>
a

aliaspooryorik

03/23/2022, 3:10 PM
My hunch would be https related. Can you try it on ACF2021 using http?
t

Tim

03/23/2022, 3:22 PM
looks like i can't. If I go there in a browser, I get redirected to https. If I put http in cffiddle, it doesn't show the image. Same thing locally.
Although it does change from showing the broken image icon to showing nothing at all...
m

Michael Schmidt

03/23/2022, 3:23 PM
I would try CFHTTP to retrieve the image and see what the resultant headers say... Maybe certificate related.
t

Tim

03/23/2022, 3:24 PM
oh, that's a good idea.
bingo! I/O Exception: Received fatal alert: handshake_failure
thanks
🙌 1
oh, wait. that ws with the http url from John's suggestion... let me try again.
yeah, okay, same thing.
so new question -- I've run into a lot of issues with https and cf2021. I'm actually running 2018 and 2021 side by side on this box, with the exact same java version. Why does does CF2018 like this certifcate, but CF2021 does not?
to my knowledge, they're using the exact same keystore.
s

satauros

03/23/2022, 3:59 PM
Just throwing it in here: something to do with TLS 1.2 / 1.3 settings in server arguments? Just a thought
a

aliaspooryorik

03/23/2022, 4:43 PM
Pete's blog is my goto reading when I've had SSL issues - this may help https://www.petefreitag.com/item/852.cfm
t

Tim

03/24/2022, 5:57 PM
the recommendation for the handshake exception is just to upgrade java. But I'm running Java 11.0.13. And since it works on 2018 with Java 11.0.13, and does not work on 2021 with Java 11.0.13, there must be a Coldfusion setting somewhere that's causing this.
I did try dropping down to the raw java, and i still get the exact same behavior. (ie works in cf2018 and breaks with the handshake exception in 2021 -- works on cffiddle and trycf)
I tried adding
-<http://Djavax.net|Djavax.net>.ssl=debug -<http://Djavax.net|Djavax.net>.debug=all
to my JVM args because there was a stack overflow that said that would get extra information in coldfusion-out.log in CF10, but it didn't appear to work now...
j

j0rcarcam

03/28/2022, 2:55 PM
z|
c

carehart

04/07/2022, 3:40 AM
Tim, did you end up sorting this out? If not, the fact that it fails on some cf2021's (yours) but not that on cffiddle (nor for me) suggests this is something on your end. There are other clues you've shared that we could dig into, but before doing that, is this even still an issue for you?
t

Tim

04/07/2022, 1:21 PM
it is still an issue. And i agree that it's probably something on my end. But I don't know how to track down what. I've out for the next hour and a half, but I can tackle this again after that.
2 Views