SSL Certificate Installation in ColdFusion 10

Installing The Certificates to the Keystore

Learn More About SSL

To configure SSL for ColdFusion using the keytool utility, do the following:

  1. Create a certificate file:

    1. Run the following command:

      cfroot\jre\bin\keytool -genkey -alias tomcat -keyalg RSA
    2. Type the details as per the instruction.

      Note: If you do not provide a password, the default password for keystore and key is changeit. If you don’t want to use the default password, ensure that you provide the same password for the keystore and the key.

      Running this command creates a certificate.keystore in the following location:

      • Windows: C:\Documents and Settings\user's_directory
      • Linux: usr/home
  2. Open the cfroot\cfusion\runtime\conf\server.xml file and search for the string Define a SSL HTTP/1.1.
  3. Uncomment the connector details and update the section as follows:

    <Connector port="8443" protocol="HTTP/1.1"
    SSLEnabled="true"          maxThreads="150"          scheme="https"
    secure="true"          keystoreFile="<certificate_location>\.keystore"          keystorePass="<password>" keyAlias="tomcat" clientAuth="false" sslProtocol="TLS" />

  4. Restart ColdFusion.
  5. Access ColdFusion using the following URL: https://<ip-address>:8443/CFIDE/administrator

For more information about SSL configuration, see