Secure Certificate for ColdFusion MX Developer

Recently, we've been receiving an error in our production system that I tried to duplicate using my local development server. However, I'm not accessing my development system using SSL like I am with our production system. Thus, to fully duplicate the problem, I had to install a self-signed certificate. Here are the steps I took to install it into my ColdFusion development server:

IMPORTANT: I'm using ColdFusion MX 7 developer with the built-in JRun web server.

1) Create a certificate. I used the command line tool for Java called keytool. Got my reference for this from the Adobe Web Site and this older page from Adobe.

I just open the command prompt and here is a snapshot of my command line entry:

This will save a file called cf.keystore in the current directory, in this case C:\Documents and Settings\Chris Schofield.

2) Now that I've got my certificate, I move it to the following directory: [coldfusion install]\runtime\lib where [coldfusion install] is the ColdFusion installation directory on your computer.

3) In a text editor, open the jrun.xml file at [coldfusion install]\runtime\servers\coldfusion\SERVER-INF. Find the following service entry with name="SSLService" and uncomment it.

4) Then I changed the settings (**) as follows:

<!-- Uncomment this service to use SSL with the JRun Web Server
Note that you MUST create your own keystore before using this service-->

<service class="jrun.servlet.http.SSLService" name="SSLService">
<attribute name="port">9100</attribute>

<!-- ** This is the name of the keystore I moved into the CF lib directory. CMS -->
<attribute name="keyStore">{jrun.rootdir}/lib/cf.keystore</attribute>

<!-- ** The password I used to create the directory. CMS -->
<attribute name="keyStorePassword">hi8mtnl0</attribute>

<attribute name="trustStore">{jrun.rootdir}/lib/trustStore</attribute>
<attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory</attribute>
</service>

5) Restart ColdFusion.

After restarting I can now access the local web site securely by pointing my browser to https://127.0.0.1:9100. Internet Explorer still has a cow about it not being a trusted authority, but heck, I trust myself to not hack my own system so I can safely navigate to this web site. You'd think IE would know when it's browsing to the local machine.

Fantastic. I deserve a cookie.
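
A check for steps 2 to 4 above, written as an added example (it is not part of the original post or of ColdFusion/JRun): it parses the jrun.xml text, confirms the SSLService entry is really uncommented, checks that the keystore sits where keyStore points, and reports that keyStorePassword is stored in clear text. The `<jrun-server>` wrapper element, the function name and the password placeholder are assumptions.

```python
import os
import re
import xml.etree.ElementTree as ET

# Constructed sample: the SSLService entry from the post inside a minimal
# wrapper element (the wrapper and the password placeholder are assumptions).
SAMPLE_JRUN_XML = """<jrun-server>
  <service class="jrun.servlet.http.SSLService" name="SSLService">
    <attribute name="port">9100</attribute>
    <attribute name="keyStore">{jrun.rootdir}/lib/cf.keystore</attribute>
    <attribute name="keyStorePassword">EXAMPLE-PASSWORD</attribute>
    <attribute name="trustStore">{jrun.rootdir}/lib/trustStore</attribute>
  </service>
</jrun-server>"""

def audit_ssl_service(xml_text, jrun_rootdir):
    """Return (settings, findings) for the SSLService entry in jrun.xml text."""
    findings = []
    root = ET.fromstring(xml_text)  # XML comments are dropped by the parser
    svc = next((s for s in root.iter("service")
                if s.get("name") == "SSLService"), None)
    if svc is None:
        # Step 3 not done: the entry exists only inside <!-- ... -->
        commented = any('name="SSLService"' in c
                        for c in re.findall(r"<!--(.*?)-->", xml_text, re.S))
        findings.append("SSLService is still commented out" if commented
                        else "no SSLService entry found")
        return {}, findings
    settings = {a.get("name"): (a.text or "").strip()
                for a in svc.findall("attribute")}
    for key in ("port", "keyStore", "keyStorePassword"):
        if not settings.get(key):
            findings.append("missing attribute: " + key)
    # Step 2: the keystore must exist where the keyStore attribute points.
    store = settings.get("keyStore", "").replace("{jrun.rootdir}", jrun_rootdir)
    if store and not os.path.isfile(store):
        findings.append("keystore file not found: " + store)
    # The password is stored in clear text, so the file itself must be protected.
    if settings.get("keyStorePassword"):
        findings.append("keyStorePassword is plain text: restrict read access "
                        "to jrun.xml and do not reuse this password")
    return settings, findings

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as rootdir:  # stands in for the runtime directory
        for finding in audit_ssl_service(SAMPLE_JRUN_XML, rootdir)[1]:
            print("-", finding)
```

To use it on a real install, pass the contents of jrun.xml and the path of [coldfusion install]\runtime as the second argument.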
