I don’t -think- this is a Lucee specific issue, but I thought I’d raise it
in case anyone else has come across it and it also leads into a
question/bug with the Services > SSL Certs section of admin
I recently modified my Win2012r2 server to stop using TLSv1.0 for PCI
compliance. I also reinstalled Lucee 4.5.1.023 with the installer so I have
Tomcat8 running now too. All went well and my scan passed with flying
colours, however…
My Store Finder code which uses cfhttp to call https://maps.googleapis.com
is now failing with the good old “Connection Failure”. Now I know from
past, painful experience that this is usually due to issues with certstore.
When I connect via a browser (on the server) is see that the connection is
using TLS_ECDHE_RSA_WITH_AES128_GCM_SHA256 128bit TLSv1.2 So it looks like
TLv1.1 & 1.2 should be ok.
I installed the https://maps.googleapis.com cert via Services > SSL Certs
(I think…there’s no indication that it worked but no error either) I
restarted the Lucee service but doesn’t seem to have helped.
So, my question. *Is there a reason that Lucee/Java would be having issues
with TLSv1.0 disabled? *
I’m going to try installing the cert using keytool & restart just in case
there was an issue installing it from the admin panel.
The bug bit is this
If you click list or install without a host you get the popup error
“missing value for text input field “host””. When you dismiss that, you
then are presented with a “please wait” screen which never completes. Only
a reload of the page will clear it.
There also doesn’t seem to be any indication that a cert has been installed.
I’ll report it on JIRA.