[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 573
  • Last Modified:

Making a SSL connection to coldfusion port: 8500 on a Linux Red Hat ES v3 server

I have a confusing problem with trying to connect to my Secure Server.
I have everything completed  to allow SSL connections (only) installed on my Apache web server 2.0.
My OS is Red Hat Linux ES Server. (https://myservername.com)
My secure site is running fine I can conect using https:// only. When I use http:// cannont connect  directly to my web server web site name. (I will be directed to a page in my html directory that I have set to instruct users to use https:// on the secure server to connect.

Problem is.
I cannot connect to my coldfusion server pages using https:// only http://
If I try:
https:/www.myservername:8500/CFIDE/administrator
I cannot connect to my cold fusion server.
If I try:
http://www.myservername:8500/administrator
I will connect just fine.
When I add:
Listen 0.0.0.0:8500
to my ssl.conf file I get an error message when I restart Apache stating that
Apache cannot bind to port 8500.
Can someone help me solve this problem.
I do configure apache2.0 with a SSL module in the conf.d directory.

Thank you in Advance.
Keith Henriques
0
keitharis
Asked:
keitharis
  • 3
  • 3
1 Solution
 
chutzCommented:
I have no experience with coldfusion, but I am pretty sure that its configuration has nothing to do with apache.
Apache cannot bind to port 8500, because the CF server is already binding to that port. Try to look into the configuration of the CF server.
0
 
keitharisAuthor Commented:
Hello chutz:
I had not thought of that as an issue but you could be right. When I configured my SSl server to connect to port 8500 in the Virtual host
section of ssl.conf my coldfusionsever ceased to function. My SSL Apache server would also not work proberly.
I had to put my web server back to 443 and reboot the server in order to get coldfusion  server to function again.
It may be that coldfusion will not accept SSL. It may be as simple as two servers not being able to run on the same port at the same time.
How does Apache SSL accept connections on multiple ports normally. I would appreciate any ideas you have regarding this.
I wonder if coldfusion being a server can accept SSL connections?
Keith Henriques
0
 
chutzCommented:
I had problems installing the trial version of coldfusion, so I couldn't take a look at it myself.

With apache, you can simply list all the ports in the configuration files. I.e. you can add another "Listen" directive, and it will listen on another port. For example:

Listen 10.0.0.8:80
Listen 10.0.0.9:81

Since the SSL negotiation on https:// connections is done at connection time, it is unlikely that if a server supports normal http:// on a given port, it will also support https:// on the same port.

As a workaround (until you figure how to configure CF), I can recommend the ucspi-tcp and ucspi-proxy software. You can download the ucspi-tcp package from http://cr.yp.to/ucspi-tcp.html . Get the SSL patch for it from http://www.nrg4u.com/qmail/ucspi-tcp-ssl-20020705.patch.gz

Compile and install. Then also install ucspi-proxy from http://untroubled.org/ucspi-proxy/

You can then use the new package to listen on an SSL port and forward connections to your unencrypted server like this:

tcpserver -s -n "key_and_cert_file.pem" myservername.com 8501 tcpclient myservername.com 8500 ucspi-proxy

The only downside is that all connections to your CF will appear to originate from the computer where ucspi-proxy is listening (possibly localhost).
0
Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
keitharisAuthor Commented:
Hello chutz:
when I add another Listen to my ssl.conf file in mod.ssl in the conf.d directory
I cannot start Apache and get a warning that port 8500 is already in use.
I have Listen in my httpd.conf file as:
Listen 0.0.0.0:80
this directs users to a welcome page I have created in my html directory linking them to
https://myserver.org
root file directory is /var/www/html
my server cannot now be used as a non SSL (https://) server. (No pages can be accessed in an insecure manner except the coldfusion
server on port 8500 and all .cfm pages.

I think the workaround you demonstrated may work temporarily but it will be easier for me to use php forms  to access and enter data in the mysql data base
I am currently using with coldfusion on my server.

I think coldfusionmx will accept SSL (https://) connections. I must have something configured wrong in ether coldfusionmx or Apache 2.xx
using mod.ssl on a Red Hat ES Server. It is likely something simple that I am missing.

Thank you  again in advance.
Keith Henriques
0
 
chutzCommented:
Stop trying to configure your apache, and rather take a look at the configuration of coldfusion.  I am pretty sure you can even stop apache, and you will still be able to connect to your coldfusion server.
0
 
keitharisAuthor Commented:
Thank you!
I am now trying to learn how to configure my coldfusion server to accept SSL connections or find a
way to use my Apache server with coldfusion
Thank You.
Keith Henrques
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now