How to tell what, if any, hotfixes have been applied to ColdFusion (9 and earlier)

Note: This blog post is from 2012. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
I often see people struggling with confusion over what hotfixes have been applied to CF. They may wonder "which have we applied?", or worse, they may not have applied any and just don't know "how to know" whether they have. I have good news, but it may not be the answer most would suspect.

The common answer offered is that one should use the "system info" page in the CF Admin, and its available "update level" field.

But I will assert that's not the "right answer" after all, or certainly not the "best answer" to really know what hotfixes (plural) have been applied. Know why? If not, I'll explain here, and I'll show what I would say is the "right" answer to "what hotfixes have you applied?"

[....Continue Reading....]

Have you noticed the ColdFusion 10 admin allows only one login at a time? It's by design

Note: This blog post is from 2012. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Someone raised a question on one of the Adobe forums saying that they kept getting kicked out of (logged off) the CF Admin in CF10.

Ultimately, he realized it was that when one of his colleagues logged into CF 10 Admin, he got logged out, and vice-versa. Certainly frustrating.

And yes, it's by design in CF10, as part of various security enhancements. The issue is that only one person can be logged in to a given account name in the CF Admin (by default, it's "admin"). There is a solution: create new logins for each person needing to access the Admin. I discuss this and much more below.

Update 1: Since I wrote this entry back in June '12, I did a video for Adobe about a year later where I walk through this in several minutes. You may want to check that out.

Update 2: Great news for those using CF11: CF11 addresses this problem with a new feature in the CF Admin. You may want to read ahead to understand the problem to appreciate the point of this solution. Anyway, see the Security > Administrator page and its option, "Allow Concurrent Login Sessions for Administrator Console". The docs say that it will be disabled by default, allowing multiple logins, unless you choose the "secure profile" option during installation or via the admin (the ability to change that in the Admin is another new feature of CF11), in which case concurrent access by a given account will be disabled.

Where is this change in CF10 documented?

[....Continue Reading....]

Getting ColdFusion 8/9 downloads (with Verity): ways that may work even after today

Note: This blog post is from 2012. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.

By now most in the CF world (who are connected to community news, at least) should have heard that today is the last day Adobe will be offering a release of CF 9 including Verity, and CF8 at all. I offer here a little more news on that, but more important I offer how you can still find and get those downloads if you want them, even when no longer listed as links on the site. They're now no longer easy to find.

(And I have updated the entry as of Aug 3, 2012, and all below still applies, unless stricken out.)

First, as for what's changing, it's that Adobe has to "pull from the shelves" any releases of CF that include Verity. But while many have been asserting that CF9 was going away, that's not true. And even CF8 can be obtained formally under certain conditions.

But I also offer here some ways you may be able to get these files even if Adobe no longer offers links to them.

But let's tackle a few points of common misinformation this week.

[....Continue Reading....]

CF911: Latest CF Security hotfix technote updated (Mar 29) for issue with ColdFusion 8.0.1

Note: This blog post is from 2012. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
If you are running ColdFusion 8.0.1 and may have applied the latest CF Security hotfix (APSB12-06) since it came out Mar 13 2012, note that there was an update to that on Mar 29, 2012.

The good news is that you just need to update the one hotfix jar. While it is discussed in the technote for the hotfix, the note about this update is sadly (currently) at the BOTTOM of the technote. I'll repeat what it says here, to give it some more visibility:

Note - Updated on March 29, 2012

Following bug is reported for ColdFusion 801 against this security bulletin hotfix.

java.lang.NoSuchMethodError Exception is thrown while using cffile upload.

We have updated the hotfix files of ColdFusion 801 to include the fix for the above issue. Users who have already applied the hotfix for ColdFusion 801 can just update the hotfix jar.

I'm pretty sure this is fixing what some found to be a reliance in the hotfix on your having applied one of the specific Cumulative hotfixes, but if someone had not, or if they inadvertently removed the CHF during the process of adding this single one, things would break. I'll note that the HF technote above does say very specifically what jars to remove, when applying the hotfix. Some people in haste instead delete all the hf and chf jars, or delete chf jars when it says to remove only hf jars. They do look similar in name.

I cover this issue of being careful about applying hotfixes (there are other mistakes you can easily make) in another blog entry I did, CF911: Are you finding CF (or CF Admin) busted after applying a hotfix? Three possible reasons.

And before someone chimes in to lament, "this is what's so wrong with the CF hotfix process, that mistakes can be easily made", I cover that too. The short answer is that Adobe is addressing this in CF10, and may even offer something to help us later for CF 8 and 9. We shall see.

Applying CF security hotfixes: do it from oldest to newest (depending!)

Note: This blog post is from 2011. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
If you may be applying several security hotfixes to a new implementation of CF (or one where none have been applied before), you may wonder if there's any significance to applying them in either chronological order (newest to oldest, or oldest to newest). The technotes don't really clarify this.

Update: Great news. It turns out that just days before I wrote this entry in late 2011, Adobe had in fact addressed and resolved this problem (quietly, I'd say) by making security fixes written from Dec 2011 (apsb11-29) on now have 2 sets of steps, one for if you HAD applied the security hotfix previous to it, and one for if you HAD NOT. And this has proven to be the case for the next few, as I write this update in late 2012. So we can now consider them effectively "cumulative", for those from Dec 2011, on. You need only focus on the latest, and follow either of its 2 provided sets of steps.

That said, I'm not 100% sure if all those from Dec 2011 include all ones prior to that. Has anyone tested things to know?

I'll leave the rest of the note below here for posterity, but stricken out.

[....Continue Reading....]

CF911: Have you updated your ColdFusion JVM to _24 yet? Important security fix for CF 8/9

Note: This blog post is from 2011. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
This isn't new info, but you may have missed it. If you're running CF 8 or 9, did you know you can and should update the JVM that came with it? And that you have Adobe's blessing to do this update? This is because of a serious bug in the JVM that is not fixed until 1.6.0_24.

Both CF 9.0 and 9.01 run on older JVMs (and therefore need this update). And are you on CF8? You're not left out: Adobe even has confirmed this update can be applied to CF 8 and 8.01, too!

Note: if you are finding this blog post because you're searching the web for help on updating the JVM that underlies ColdFusion, note that this is a very old post (2011) about one specific JVM version. Instead, for a more general discussion of updating the JVM, and especially about solving and preventing common problems when doing that, see my more "recent" (2014) and more elaborated post: CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'.

Still more updates since this originally was posted:

Update 1: Since I wrote this blog entry in Oct 2011, Adobe has since come out with a new technote in Oct 2012 saying that you are now permitted to update to any version of Java 1.6 (for CF 8/9/10).
Update 2: Since posting this note, I've realized I should document an important fact to be aware of if you DO update the JVM: after doing so, it may seem that changes you made to allow CFHTTP calls to SSL pages (or other tags in CFML that talk via SSL or TLS) have been lost. The issue is likely that you had modified your current CF setup to import specific certificates for such sites, but those changes are "lost" when you change the JVM that CF is now using (which has its own keystore). But these cert changes can be recovered. For more on that, see the next to last section below.
Update 3: In Feb 2013, Adobe did come out with an update that authorizes moving to Java 1.7 in either 9 or 10. You must apply the update first, though. More in this Adobe blog entry.

Old news, but not everyone knows

[....Continue Reading....]

CF911: Are you finding CF (or CF Admin) busted after applying a hotfix? A few possible reasons

Note: This blog post is from 2011. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Many people have reported that they find after applying certain ColdFusion cumulative hotfixes (CHFs), security hotfixes (SHFs) and hotfixes (HFs) that either CF Admin or perhaps even some feature of CF is busted.

The "good" news is that there are at least a few really common explanations of what may have happened, which I'll explain here. Once you consider them, you may find either that you can confirm this is what happened (and fix it), or if nothing else you can keep it in mind if you're ever applying them yourself in the future.

[....Continue Reading....]

CF911: Tips for dealing with Windows service timeout, useful when CF's taking too long to stop/start

Note: This blog post is from 2011. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
In my last entry, CF911: Is your ColdFusion service taking too long to shut down? Find out why, I discussed the first of a two part answer to helping people who are finding that sometimes ColdFusion takes too long to shut down (or startup). That one talks about how to find out where CF may be logging info to explain why it's taking so long.

In this second entry, I'll address the separate but related problem, particularly if you're running CF as a Windows service, that you may find you get timeout errors from the Windows Services panel itself. I'll share some tips to help with that, which I share often with clients of my independent consulting as a CF troubleshooter.

The first thing to understand is that there is indeed a timeout (configurable) for how long the Windows Services control panel is willing to wait. Beyond that, though, there are some 3 more tricks you can use to avoid that timeout. (And I would say again that sometimes you really want to focus instead on WHY CF is taking so long to startup or shutdown, but until you do, the following info may help give you some breathing room.)

[....Continue Reading....]

CF911: Is your ColdFusion service taking too long to shut down? Find out why

Note: This blog post is from 2011. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Have you ever found (or heard others complain) that sometimes ColdFusion doesn't stop (or it takes a long time to do so)? It can be especially challenging when you're running CF on Windows as a Service, for reasons I'll explain here and in a follow-up entry.

First, this one will help you perhaps find why it's so slow. You may just have been looking in the wrong place for that diagnostic information. Second, the next entry will offer tips on better handling the situation (that the Windows service is slow to stop, and timeouts in the Windows Services panel itself) which you may need to consider until you do solve the root cause problem (or in case it happens again for other reasons).

(Note that most of this info will apply as well if your problem is that CF's taking a long time to start, also.)

As some of you know, I do CF server troubleshooting as an independent consultant. In helping several people a week, this is a fairly common complaint. This also came up on a mailing list today, so I decided to offer these thoughts here.

[....Continue Reading....]

Setting up ColdFusion to process html or other file extensions

Note: This blog post is from 2011. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
As a follow-on to my last entry, Setting up CFBuilder to process htm files with the ColdFusion editor, I wanted to offer more info for those who may want to know more about this--or ensure that more is shared with any who would consider doing this.

If you're looking for how to configure CFBuilder to open htm files with the CFML editor, see that other entry. This one instead is about the related idea of having CF (the server) process htm (or other) file extensions. There are certainly pros and cons.

[....Continue Reading....]

Copyright ©2024 Charlie Arehart