Bidding Adieu to Adobe

Hi All,

After 8+ amazing years working at Adobe, I’ve decided to move on and take the next step in my career. My last day at Adobe will be Feb 8, 2019. It’s been great working with you all.

For ColdFusion queries coming over Adobe Forums/ColdFusion Community Portal/RiaForge/CFML Slack/Twitter/Facebook/LinkedIn, please reach out to Whilst I’ll no longer be here at Adobe, I’d really like to keep in touch. You can contact me at

My Blog:

I’m excited to start this new adventure. Wish me luck!


No more ColdFusion 10 Security patches/updates from Adobe, as “Core Support” ends in May 2017

The “Core Support” for ColdFusion 10 ends on May 16, 2017. That means, no more Security patches/updates by Adobe for this version of ColdFusion after mid of May 2017. The detailed timelines are mentioned here in the EOL Matrix.

What is Core Support then? Core support is the time frame wherein the product and the support programs are available. This provides, five years of product support from the general availability date of a product.

General availability is the date when the product and the support programs are announced and available for purchase.

Extended support provides an additional two years of Platinum Maintenance and Support(M&S) services after the end of Core Support. Extended Maintenance and Support provides the extra time you may need, to plan your migration to Adobe’s latest technology. Here is the source.

So, if you are on version 10 or prior then, its the correct time for you to upgrade. This will ensure your eligibility of getting Security updates and patches timely from Adobe, for the supported versions of ColdFusion, as and when released.

ColdFusion 2016 Express Edition

Are you looking for Express Edition of ColdFusion 2016? Well, its easy to locate. Just go to, ensure that the Form is filled and hit “Download”. You can cancel the download. You will be redirected to the next page. Look for Interested in trying our Adobe ColdFusion Express Edition ?


There you go. 🙂

If you still find it a little lengthy process, then you can directly go to Once you scroll down to the bottom, you will find the same links given above. Problem solved.

Hope this helps and please continue using ColdFusion 2016.



Connector need not to be reconfigured for CF2016 U1, CF11 U8, CF10 U19

Adobe recently released updates for ColdFusion 2016 Update 1, ColdFusion 11 Update 8 and ColdFusion 10 Update 19 and announced here. Adobe also released ColdFusion Builder 2016 Update 1 and announced here.

With the ColdFusion server updates i.e. CF2016 U1, CF11 U8, CF10 U19, Tomcat version is also upgraded. For ColdFusion 2016, Tomcat has been upgraded to version 8.0.32. Whereas for ColdFusion 11 & 10, Tomcat has been upgraded to version 7.0.68. But, the connector binaries are not updated. So, that means, you can apply the updates and connector reconfiguration is not required.

ColdFusion Summit 2015 and my presentation

I presented this year at ColdFusion Summit 2015, Las Vegas. I spoke on “Migration to ColdFusion 11 – making it seamless and easy“. 

The session was about understanding the ColdFusion migration process and how we can make your ColdFusion migration process seamless and robust. At the same time, we saw what were some of the best practices to save hours and hours of struggle with Migration. We covered all the WHYs WHATs & HOWs related to ColdFusion migration.

My slides are available here

CFHTTP calls over SSL servers and Proxy servers

It’s been a while, I had any blog post. I have been occupied with other CF stuffs, CF12 PR, CFML Slack and CF customers. And this article has been there in my draft for a while now. So, recently I worked with a lot of CF users having trouble with CFHTTP calls over SSL servers and proxy servers.

The CFHTTP tag attributes are explained at There are a few articles available for CFHTTP setup over SSL & proxy, but they seems to be a bit complicated. I want to keep it simple and straightforward with few steps and verify the usage. So here you go:-

1) Importing Certficate to Java/CF Keystore

  1. Go to a page on the SSL server in question.
  2. Double-click the lock icon on browser.
  3. Click the Details tab.
  4. Click Copy To File.
  5. Select the base64 option and save the file.
  6. Copy the CER file into \ColdFusion11\jre\lib\security\ (or whichever JRE ColdFusion is using). As Charlie suggested, you can verify the JRE location or “Java Virtual Machine Path” inside CF Admin at Server Settings > Java and JVM.
  7. Run the following command in the same directory (keytool is located at \ColdFusion11\jre\bin\):

keytool -import -alias name -keystore \ColdFusion11\jre\lib\security\cacerts -file mycert.cer

You can also refer to

Note: – While downloading the certificate, please select “DER” (as shown below)


2) Sample Code to Test CFHTTP Functionality

Once you have imported the certs correctly, you can access your application. However, you can also try with a quick sample code (as like, the one mentioned below). If that works, then you can check your application as well.

But before that, please try accessing in browser, from the same server. We need to ensure this first.

Run the below sample code snippet.

<cfsavecontent variable="localscope.soapRequest">
 <?xml version="1.0" encoding="utf-8"?>
 <soap:Envelope xmlns:xsi="" xmlns:xsd="" xmlns:soap="">
 <CelsiusToFahrenheit xmlns="">

<cfhttp method="POST" url="" proxyServer="" proxyPort="8080" proxyUser="MyUser" proxyPassword="MyPassword" resolveurl="NO" result="httpResponse">
 <cfhttpparam type="xml" name="body" value="#localscope.soapRequest.Trim()#">
 <cfhttpparam type="header" name="Connection" value="keep-alive" >
 <cfhttpparam type="header" name="SOAPAction" value="" >
 <cfhttpparam type="header" name="Content-Type" value="text/xml; charset=utf-8">

<cfdump var="#httpResponse#" label="httpResponse">

You should be getting an output, like the below screenshot:-


A Statuscode 200 confirms the functionality.

In case you are behind a proxy server and not able to hit, then you can try a CFHTTP “GET” call to any web url, which is accessible from your server. It can be or any intranet/internet url.

Your test code snippet will change to:-

<cfhttp method="GET" url="" proxyServer="" proxyPort="8080" proxyUser="MyUser" proxyPassword="MyPassword" resolveurl="NO" result="httpResponse">

<cfdump var="#httpResponse#" label="httpResponse">


3) Test Your Application

Once the test code works, you can try your CFHTTP call. Or you can directly execute your code and verify the CFHTTP call. To get the soap:Envelope and Mimetype details, you can use Soap UI such as


After importing certificates, if you still have issues (even with the sample code snippets), then you need to enable debugging for SSL. Take a backup of jvm.config at \ColdFusion11\cfusion\bin\ and add under the “Arguments to VM” in jvm.config. This would require a CF service restart. The argument would append the debugging info to the coldfusion-out.log at \ColdFusion11\cfusion\logs\.

The most common error is handshake_failure. If you see the same at the bottom of coldfusion-out.log, then please verify that the cert is listed in the same log, with the CF service starts up entry.

If the certificate(s) aren’t there, then please import the certs into the keystore, as per STEP 1 of this article.

If the certificate(s) are there, then add the below arguments in jvm.config with respective values as per your specification and restart CF. You can then, test the Application. This will tell CF to look for the specific truststore and keystore files.

For e.g.:- \ColdFusion11\jre\lib\security\cacerts \ColdFusion11\jre\lib\security\cacerts

Note:- The location mentioned above is the default location. It may vary, if you are using an external JRE. Please refer to Step 6 under “Importing Certficate to Java/CF Keystore“, to verify the JRE location. Thanks Charlie, note taken. Location of the Java keystore file containing an application process’s own certificate and private key. On Windows, the specified pathname must use forward slashes, /, in place of backslashes, \. Password to access the private key from the keystore file specified by This password is used twice:

  • To unlock the keystore file (store password), and
  • To decrypt the private key stored in the keystore (key password).

In other words, the JSSE framework requires these passwords to be identical.

This is applicable to both ColdFusion 10 and ColdFusion 11.