Showing results for 
Search instead for 
Did you mean: 

ColdFusion MX 7, Linux and Sandbox connection fails

Our production site uses ColdFusion MX 7 and is on a Linux server; it now fails on calls to within Sandbox. I get a response back from all transactions of:  "Connection Failure."

We are using a CFHTTP (method=POST) call to:

OUr production environment satisfies all of this criteria:
--Your certificate store includes certificates for Root 2 - GeoTrust Global CA
--Your security transport—the part that negotiates TLS—supports SHA-256
--Your solution does not connect directly to Authorize.Net using an IP address
--Your solution’s firewall is not set to whitelist Authorize.Net IP addresses for outbound connections

Our site uses:  PKCS #1 SHA-256 With RSA Encryption

I verified that ColdFusion MX 7 is compatible with SHA-2.

Please advise if anyone knows of a solution or something I can do to debug the issue.


I am having the same problem with ColdFusion8.  It turns out that CF8 does not support SSL certs that use SAN.  So...any chance would use a cert on that does not use SAN?  Because now my CF8 machine is dead in the water for connecting to you.  Right now it's just my dev server.  I sure hope this doesn't happen on the production environment.




We are taking steps to remove this limitation within our sandbox environment.  However strongly encourage developers to keep their servers, frameworks and protocol support up to date to ensure compliance with PCI DSS, established and emerging security requirements.



Absoulty correct! All versions of ColdFusion from ColdFusion 9 and lower are past End Of Life support. All of those versions can only run on Java 1.7 or lower which are also all past End Of Life support.  I highly recommend that these be upgraded.


Wil Genovese

Sr. Web Application Developer / Systems Administrator

CF Webtools



Did make a promotion last night / early this morning?


Now all of our clients' calls are failing in our production environment. Was this issue ever fixed for the Sandbox environment?


I thought it was going to be fixed there (via certificate?) before your promoted.


Is there anyway you can rollback the promotion until you have fixed the issue for ColdFusion users?




Same here. All AIM clients failing as of this morning!


Running CF9 server, on IIS7.5



Have you installed the 4 certificates that Richard H. recommended. Did you read those postings?


We have not, but we were going to try it later today.


Let me know what works for you. I will keep you posted.

To cover all of our production certificates that are currently in use, you will want to install the following three certificates from Entrust. Secure Server Certification Authority
Certificate Thumbprint (SHA-1): 99A6 9BE6 1AFE 886B 4D2B 8200 7CB8 54FC 317E 1539 Certification Authority (2048)
Certificate Thumbprint (SHA-1): 5030 0609 1D97 D4F5 AE39 F7CB E792 7D7D 652D 3431
Entrust Root Certification Authority
Certificate Thumbprint (SHA-1): B31E B1B7 40E3 6C84 02DA DC37 D44D F5D4 6749 52F9


Each of these can be downloaded on the Entrust site at the following URL:



In addition, we are currently using certificates issued by GeoTrust on our sandbox site. You only need one root certificate to verify our GeoTrust certs.


GeoTrust Global CA
Certificate Thumbprint (SHA-1): DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12

This certificate can be downloaded from GeoTrust's site at:



If you are using software that is capable of using a pem file as a certificate store, then you may also use the pem file that we distribute as a part of our PHP SDK. This file includes all four of the aforementioned certificates and can be found on github at:

We have installed the 4 certificates. All of our attempts over AIM are failing for "secure".


We are running CFMX7 on Apache on one server.

We are running BD on Apache on another server.



I'm on CF8 Windows Server 2008 and am having these same connection issues since they did the upgrade May 27th. I installed all the certs, but still get a connection error, any other ideas on what might be causing the issue?