My Oracle Support Banner

Connection From A Coldfusion JDBC Connection To Oracle Database Using TCPS Fails With Keystore was tampered with, or password was incorrect (Doc ID 2264057.1)

Last updated on JANUARY 04, 2023

Applies to:

JDBC - Version and later
Information in this document applies to any platform.


TCPS connection from ColdFusion 2016 using Java 1.8.0 with JDBC ojdbc7.jar fails with:

TCP connections work successfully.

The issue can be reproduced at will with the following steps:

1. Create a self-signed certificate in the database wallet
2. Export and import it into the java cacerts file used by ColdFusion .
3. Export the IIS server certificate and its certificate chain (as base 64 certificate files)
4. Import those certificates into the database wallet as trusted certificates.
5. Set SSL_CLIENT_AUTHENTICATION=FALSE in the sqlnet.ora (no client authentication)
6. Set ColdFusion java arguments: "-server -XX:MaxPermSize=256m -XX:+UseParallelGC -Xbatch -Dcoldfusion.home={application.home} -Dcoldfusion.rootDir={application.home} -Dcoldfusion.libPath={application.home}/lib -Dorg.apache.coyote.USE_CUSTOM_STATUS_MSG_IN_HEADER=true -Dcoldfusion.jsafe.defaultalgo=FIPS186Random -Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1 -Dcoldfusion.enablefipscrypto=true"




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.