Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherCOLDFUSION MX 61
61626364656667686970
68 Chapter 4: Web Server Management
5 The JavaScript validation used by the cfform tag references the CFIDE/scripts/cfform.js file.
However in a multi-homed environment, each virtual website may not contain this directory
and file. Either copy this file and store it in your virtual website’s web root in a CFIDE/scripts
directory or modify all
cfform tags to use the scriptsrc attribute to specify the location of the
cfform.js file.
6 Ensure that Cache Web Server Paths is disabled in the Caching page of the ColdFusion MX
Administrator (in the J2EE configuration on JRun, set the
cacheRealPath attribute to false for
the ProxyService in the jrun.xml file).
7 Test each virtual server to ensure that CFM pages are served correctly.
SSL
The web server connectors supports the use of secure sockets layer (SSL) between the web server
and a ColdFusion server. This is typically not necessary, since the web server is behind a firewall in
most production configurations. However, for maximum security, you can use SSL with the web
server connector.
To enable SSL for the web server connector:
1 Generate a keystore using the following Java keytool command. For example:
keytool -genkey -dname "cn=<server name or IP address>, ou=CFEngineering,
o=Macromedia, L=Newton, ST=MA, C=US" -keyalg rsa -keystore <keystore name>
2 When prompted, enter appropriate passwords that are six or more characters in length.
3 Rerun keytool to add certificates to the keystore.
Note: In a production environment you would obtain a signed certificate from a certificate
authority.
4 Open the cf_root/runtime/servers/default/SERVER-INF/jrun.xml file in a text editor and set
the ProxyService
keyStore, keyStorePassword, and trustStore (optional) attributes to
appropriate values. The keyStore and trustStore attributes should be the paths and filenames
of the keystore and truststore files.
5 Download and build OpenSSL. The OpenSSL distribution is available at http://openssl.org in
a tar.gz file. You must download the distribution and build it for your operating system based
on the included installation instructions. Place the compiled OpenSSL code in a directory that
is in your system path, such as cf_root/runtime/servers/lib.
6 Open the web server connector configuration file (for example, jrun.ini, httpd.conf, or
magnus.conf) and set the
ssl property to true.
Note: If using Apache virtual hosts, the ssl property must be outside of any VirtualHost
directives.
To use SSL with the built-in web server, enable the SSLService in the cf_root/runtime/servers/
default/SERVER-INF/jrun.xml file and set the
keyStore, keyStorePassword, and trustStore
attributes to appropriate values.