ColdFusion 9.0.0 TLSv1.2
I am running ColdFusion 9.0. Fix 3. I am trying to get TLSv1.2 to work with the cf_http tag. I started by updating to Java 7 Update 80 and then Java 8 Update 25. Using Wireshark it looks like it still connects trying TLSv1.0 and the endpoint will only accept TLSv1.2. From what I've read, there is support for Java 7 and 8 TLSv1.2, but that doesn't seem to be the way to get Cold Fusion to use it. Any ideas?
Windows 2008 32bit
On the side of the note that I know version 9 is old and I am working on updating to the new version, but this part has appeared and needs to be done before we plan to complete the update, and testing and updating breaks part of the site.
source to share
I've been blogging about this for several years; ever since Authorize.net and PayPal announced SSL updates that were not compatible with ColdFusion 8 and 9. My workaround was to use CFX_HTTP5 from Adiabata, Inc. This Windows C ++ tag fixes all ColdFusion-related bugs in ColdFusion 3-11. It is "built on the WinHttp 5.1 API - Windows native HTTP layer" and therefore supports all security and authentication protocols, whether ColdFusion supports them or not. "It is also faster and supports up to 64 concurrent / asynchronous requests and client It features DNS TTL and does not require a reboot if the server you are accessing has recently changed IP addresses. (CFHTTP DNS cache is either never or forever.)
Other reasons I recommend using CFX_HTTP5 are that it 1) works, 2) provides more connectivity / query capabilities, and 3) provides consistent functionality and behavior across all ColdFusion versions; EOL and the future.
Here's a very simple example:
<CFX_HTTP5 METHOD="POST"
URL="https://apitest.authorize.net/xml/v1/request.api"
HEADERS="Content-Type: text/xml#Chr(13)##Chr(10)#"
BODY="#xmlString#"
OUT="RESULT">
<CFIF STATUS NEQ "OK">
<CFTHROW MESSAGE="#ERRN# #MSG#">
</CFIF>
<CFSET returnedXML = RESULT>
source to share