No more ColdFusion 10 Security patches/updates from Adobe, as “Core Support” ends in May 2017

The “Core Support” for ColdFusion 10 ends on May 16, 2017. That means no more security patches/updates from Adobe for this version of ColdFusion after mid-May 2017. The detailed timelines are mentioned here in the EOL Matrix.

What is Core Support then? Core support is the time frame wherein the product and the support programs are available. This provides five years of product support from the general availability date of a product.

General availability is the date when the product and the support programs are announced and available for purchase.

Extended support provides an additional two years of Platinum Maintenance and Support services after the end of Core Support. Extended Maintenance and Support provides the extra time you may need to plan your migration to Adobe’s latest technology. Here is the source.

So, if you are on version 10 or prior, then it's the right time for you to upgrade. This will ensure you are eligible to receive security updates and patches from Adobe in a timely manner, for the supported versions of ColdFusion, as and when they are released.

ColdFusion 2016 Express Edition

Are you looking for the Express Edition of ColdFusion 2016? Well, it's easy to locate. Just go to, ensure that the Form is filled and hit “Download”. You can cancel the download. You will be redirected to the next page. Look for “Interested in trying our Adobe ColdFusion Express Edition?”


There you go. 🙂

If you still find the process a little lengthy, then you can directly go to Once you scroll down to the bottom, you will find the same links given above. Problem solved.

Hope this helps and please continue using ColdFusion 2016.



Connector need not be reconfigured for CF2016 U1, CF11 U8, CF10 U19

Adobe recently released updates for ColdFusion 2016 Update 1, ColdFusion 11 Update 8 and ColdFusion 10 Update 19 and announced here. Adobe also released ColdFusion Builder 2016 Update 1 and announced here.

With the ColdFusion server updates, i.e. CF2016 U1, CF11 U8 and CF10 U19, the Tomcat version is also upgraded. For ColdFusion 2016, Tomcat has been upgraded to version 8.0.32, whereas for ColdFusion 11 and 10, Tomcat has been upgraded to version 7.0.68. However, the connector binaries are not updated, so you can apply the updates without reconfiguring the connector.

ColdFusion Summit 2015 and my presentation

I presented this year at ColdFusion Summit 2015, Las Vegas. I spoke on “Migration to ColdFusion 11 – making it seamless and easy”.

The session was about understanding the ColdFusion migration process and how we can make your ColdFusion migration process seamless and robust. At the same time, we saw what were some of the best practices to save hours and hours of struggle with Migration. We covered all the WHYs WHATs & HOWs related to ColdFusion migration.

My slides are available here

CFHTTP calls over SSL servers and Proxy servers

It’s been a while since I had any blog post. I have been occupied with other CF stuff, CF12 PR, CFML Slack and CF customers. And this article has been there in my draft for a while now. So, recently I worked with a lot of CF users having trouble with CFHTTP calls over SSL servers and proxy servers.

The CFHTTP tag attributes are explained at There are a few articles available for CFHTTP setup over SSL & proxy, but they seem to be a bit complicated. I want to keep it simple and straightforward with few steps and verify the usage. So here you go:-

1) Importing Certificate to Java/CF Keystore

  1. Go to a page on the SSL server in question.
  2. Double-click the lock icon on browser.
  3. Click the Details tab.
  4. Click Copy To File.
  5. Select the base64 option and save the file.
  6. Copy the CER file into \ColdFusion11\jre\lib\security\ (or whichever JRE ColdFusion is using). As Charlie suggested, you can verify the JRE location or “Java Virtual Machine Path” inside CF Admin at Server Settings > Java and JVM.
  7. Run the following command in the same directory (keytool is located at \ColdFusion11\jre\bin\):

keytool -import -alias name -keystore \ColdFusion11\jre\lib\security\cacerts -file mycert.cer
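Anything imported into cacerts becomes trusted by the JVM, so it is worth checking the exported file before running the import. The following is an added example, not part of the original post: it reports whether the .cer file is base64 or DER encoded, checks that the DER structure is complete, and prints fingerprints to compare with a value obtained from the server owner and with the keytool listing afterwards. The function names and the sample bytes are illustrative.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def load_der(data):
    """Return (encoding, der_bytes) for an exported .cer file."""
    m = PEM_RE.search(data)
    if m:  # base64 export: strip the armour and whitespace, then decode
        return "base64", base64.b64decode(b"".join(m.group(1).split()))
    return "DER", data  # binary export: the file content is the DER itself

def der_is_complete(der):
    """Check the outer ASN.1 SEQUENCE tag and that its declared length
    matches the data, which catches truncated or padded files."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:                     # short-form length
        header, body = 2, der[1]
    else:                                 # long-form length
        n = der[1] & 0x7F
        if n == 0 or len(der) < 2 + n:
            return False
        header, body = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return header + body == len(der)

def fingerprint(der, algo="sha256"):
    """Colon-separated uppercase hex, the layout keytool prints."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def inspect(data):
    encoding, der = load_der(data)
    return {"encoding": encoding, "complete": der_is_complete(der),
            "sha1": fingerprint(der, "sha1"), "sha256": fingerprint(der)}

# Constructed stand-in for a certificate: a well-formed outer SEQUENCE
# with filler content, enough to exercise the checks offline.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(range(256))
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    for blob in (SAMPLE_DER, SAMPLE_PEM):
        print(inspect(blob))
```

For a real file, pass its bytes to inspect(), for example inspect(open("mycert.cer", "rb").read()).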

You can also refer to

Note: – While downloading the certificate, please select “DER” (as shown below)


2) Sample Code to Test CFHTTP Functionality

Once you have imported the certs correctly, you can access your application. However, you can also try a quick sample first (like the one below). If that works, then you can check your application as well.

But before that, please try accessing in browser, from the same server. We need to ensure this first.

Run the below sample code snippet.

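<!--- Build the SOAP request body; fill in the namespace URIs for your service. --->
<cfsavecontent variable="localscope.soapRequest">
 <?xml version="1.0" encoding="utf-8"?>
 <soap:Envelope xmlns:xsi="" xmlns:xsd="" xmlns:soap="">
 <soap:Body>
 <CelsiusToFahrenheit xmlns="">
 </CelsiusToFahrenheit>
 </soap:Body>
 </soap:Envelope>
</cfsavecontent>

<!--- POST the request through the proxy; set url and proxyServer for your environment. --->
<cfhttp method="POST" url="" proxyServer="" proxyPort="8080" proxyUser="MyUser" proxyPassword="MyPassword" resolveurl="NO" result="httpResponse">
 <cfhttpparam type="xml" name="body" value="#localscope.soapRequest.Trim()#">
 <cfhttpparam type="header" name="Connection" value="keep-alive" >
 <cfhttpparam type="header" name="SOAPAction" value="" >
 <cfhttpparam type="header" name="Content-Type" value="text/xml; charset=utf-8">
</cfhttp>

<!--- Dump the full response structure, including the status code. --->
<cfdump var="#httpResponse#" label="httpResponse">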

You should be getting an output, like the below screenshot:-


A Statuscode 200 confirms the functionality.

In case you are behind a proxy server and not able to hit, then you can try a CFHTTP “GET” call to any web url, which is accessible from your server. It can be or any intranet/internet url.

Your test code snippet will change to:-

<cfhttp method="GET" url="" proxyServer="" proxyPort="8080" proxyUser="MyUser" proxyPassword="MyPassword" resolveurl="NO" result="httpResponse">

<cfdump var="#httpResponse#" label="httpResponse">


3) Test Your Application

Once the test code works, you can try your CFHTTP call. Or you can directly execute your code and verify the CFHTTP call. To get the soap:Envelope and Mimetype details, you can use Soap UI such as


After importing certificates, if you still have issues (even with the sample code snippets), then you need to enable debugging for SSL. Take a backup of jvm.config at \ColdFusion11\cfusion\bin\ and add under the “Arguments to VM” in jvm.config. This would require a CF service restart. The argument would append the debugging info to the coldfusion-out.log at \ColdFusion11\cfusion\logs\.

The most common error is handshake_failure. If you see it at the bottom of coldfusion-out.log, then please verify that the cert is listed in the same log, alongside the CF service start-up entry.

If the certificate(s) aren’t there, then please import the certs into the keystore, as per STEP 1 of this article.

If the certificate(s) are there, then add the below arguments in jvm.config with respective values as per your specification and restart CF. You can then test the application. This will tell CF to look for the specific truststore and keystore files.

For e.g.:- \ColdFusion11\jre\lib\security\cacerts \ColdFusion11\jre\lib\security\cacerts

Note:- The location mentioned above is the default location. It may vary if you are using an external JRE. Please refer to Step 6 under “Importing Certificate to Java/CF Keystore” to verify the JRE location. Thanks Charlie, note taken.

Location of the Java keystore file containing an application process’s own certificate and private key. On Windows, the specified pathname must use forward slashes, /, in place of backslashes, \.

Password to access the private key from the keystore file specified by This password is used twice:

  • To unlock the keystore file (store password), and
  • To decrypt the private key stored in the keystore (key password).

In other words, the JSSE framework requires these passwords to be identical.

This is applicable to both ColdFusion 10 and ColdFusion 11.
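The log check described above (is there a handshake_failure, and is the certificate listed among the trusted certs loaded at start-up) can be scripted. The following is an added example, not part of the original post: the sample log is constructed in the layout of JSSE debug output on Java 7/8, and the function names and certificate names are illustrative.

```python
import re

# Constructed sample in the layout of JSSE debug output (Java 7/8);
# real coldfusion-out.log content is longer and may differ in detail.
SAMPLE_LOG = """\
trustStore is: C:\\ColdFusion11\\jre\\lib\\security\\cacerts
trustStore type is : jks
adding as trusted cert:
  Subject: CN=Example Root CA, O=Example Corp, C=US
  Issuer:  CN=Example Root CA, O=Example Corp, C=US
  Algorithm: RSA; Serial number: 0x1
adding as trusted cert:
  Subject: CN=Old Partner CA, O=Partner Inc, C=US
  Issuer:  CN=Old Partner CA, O=Partner Inc, C=US
  Algorithm: RSA; Serial number: 0x2
ajp-bio-8014-exec-3, RECV TLSv1 ALERT:  fatal, handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
"""

STORE_RE = re.compile(r"^trustStore is:\s*(.+)$", re.M)
TRUST_RE = re.compile(r"adding as trusted cert:\s*\n\s*Subject:\s*(.+)")
ALERT_RE = re.compile(r"ALERT:\s+fatal,\s+(\w+)")

def common_name(subject):
    """Pull the CN value out of a subject DN line, or None."""
    m = re.search(r"CN=([^,]+)", subject)
    return m.group(1).strip() if m else None

def triage(log_text, expected_cn):
    """Summarise what the log says about trust for one certificate CN."""
    store = STORE_RE.search(log_text)
    subjects = [s.strip() for s in TRUST_RE.findall(log_text)]
    alerts = ALERT_RE.findall(log_text)
    listed = any(common_name(s) == expected_cn for s in subjects)
    if "handshake_failure" not in alerts:
        action = "no handshake_failure logged"
    elif not listed:
        action = "certificate not listed: import it into the keystore (Step 1)"
    else:
        action = "certificate listed: set truststore/keystore arguments in jvm.config"
    return {"truststore": store.group(1).strip() if store else None,
            "trusted_count": len(subjects), "listed": listed,
            "alerts": alerts, "action": action}

if __name__ == "__main__":
    for cn in ("Example Root CA", "api.example.test"):
        print(cn, "->", triage(SAMPLE_LOG, cn))
```

The reported truststore path also confirms which JRE's cacerts file ColdFusion actually loaded, which is the file the import in Step 1 has to target.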

java.lang.OutOfMemoryError in ColdFusion

java.lang.OutOfMemoryError is certainly not a new error in ColdFusion. If you look around the web, you will find many articles. I thought of creating my own steps to be followed, as well as, how to fix the same. This article is based on a Windows platform.

JConsole is a JMX-compliant graphical tool for monitoring a Java virtual machine. It can monitor both local and remote JVMs. It can also monitor and manage an application.

The jconsole executable can be found in JDK_HOME/bin, where JDK_HOME is the directory in which the Java Development Kit (JDK) is installed. If this directory is in your system path, you can start JConsole by simply typing jconsole in a command (shell) prompt. Otherwise, you have to type the full path to the executable file.

You can use JConsole to monitor both local applications, namely those running on the same system as JConsole, as well as remote applications, namely those running on other systems.

As per our discussion, below are the steps for monitoring the Memory:-

  1. Stop the ColdFusion service and start ColdFusion from Command prompt. See instructions here.
  2. Press CTRL+ALT+DELETE, and then click Task Manager.
  3. In Task Manager, click the Process tab, click View, and then click Select Columns.
  4. In the Select Columns dialog box, click to select the PID (Process Identifier) check box, and then click OK. You see that the PID column has been added to the Process tab. If not, Enable PID in Task manager: View>Set Column> Check PID
  5. You can now locate the PID and the corresponding executable file that started the process in Task Manager.
  6. Start another command prompt, go to JDK_HOME/bin and type jconsole pid
  7. Monitor the graph.

If the non-heap memory is increasing, then the permgen value needs to be recalculated. Whereas, if the heap memory is increasing, then the Xmx needs to be changed.

These articles are for JRE 7, however, the logic remains the same for JRE 8 as well. If you are on JRE 8, then permgen will be replaced by metaspace. The memory referred to here is defined in the jvm.config at \ColdFusion11\cfusion\bin\. The same can be changed at Server Settings > Java and JVM under ColdFusion Administrator.

Note:- Please take a backup of the jvm.config, before making any changes in the ColdFusion Administrator or the actual file. Changes to JVM would require a ColdFusion service restart.

One of the old ColdFusion articles on performance tuning helps in understanding various other parameters related to memory tuning and performance.

Happy Birthday, whose birthday – It’s ColdFusion

Yes, you heard it right. ColdFusion turned twenty today. I see CF veterans and patrons, all around the world.  

Glad to be a part of this community.