Fixing HTTPS (I/O Exception: java.security.NoSuchAlgorithmException) errors

When working with CFHTTP and calling URLs that are secured with SSL (HTTPS) you may receive the error:

I/O Exception: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

This is likely due to ColdFusion/JAVA not having the certificate within its trust store of SSL certificates. To resolve this following the below steps (based on Linux CentOS commands):

  1. Download the domains SSL certificate you are calling within your CFHTTP. Click here for a useful how-to guide on doing this.
  2. Using FileZilla or any FTP program upload your saved certificate to the server in an easy to remember location.
  3. Change to the directory that contains the JAVA version you are using as shown below:
    cd /usr/java/jdk1.8.0_66/bin
  4. You will be using the 'keytool' commands to import your certificate and apply it. Below is an example, we will go through each command element further below:
    keytool -import -v -alias your-saved-cert -file /your-saved-cert.cer -keystore /usr/java/jdk1.8.0_66/jre/lib/security/cacerts -storepass changeit
    
  5. Next you will need to restart ColdFusion services to apply the changes fully.
So now we will go through some of the elements of the 'keytool' command that you ran.
  • -alias your-saved-cert
    This alias will be a unique name you need to provide so it can be referenced by yourself and JAVA
  • -file /your-saved-cert.cer
    This tells the keytool where your file is located on the server, in the above example the file 'your-saved-cert.cer' is located in the root of the server
  • -keystore /usr/java/jdk1.8.0_66/jre/lib/security/cacerts
    The keystore option is the location of the cacerts file that will store the references of your certificate
  • -storepass changeit
    The storepass is the password of your JAVA store on your server, by default it is 'changeit'
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

Migration: To and from Linux/Windows Servers

Here are some key points and issues when migrating from or to Linux/Windows servers.MsSQL...

Useful ColdFusion Resources & Websites

ColdFusion has a huge community and support so we thought we would share some of the great...

Installing Mura CMS (Version 5)

Installing Mura CMS 5 is a simple process and even simpler when on a local machine. The...

Removing SiteID and index.cfm from Mura CMS

In this article we will be going through the way to change your Mura CMS URLS from:...

Enable ColdFusion errors instead of IIS errors - Windows Only

To enable ColdFusion errors per domain you need to add the following lines to your web.config...