ColdFusion 10 CFC web service fails with javax.servlet.ServletException: https is forbidden

Question

This question is similar to the link below, which is focused on Java:

Web service authentication using https giving error

However, this problem is specific to ColdFusion 10 and the answer from the question above just hinted at the solution in ColdFusion 10.

The problem: You have a web service CFC and it works perfectly over http (port 80). When you attempt to run the same web service over https (port 443) the web service fails. The errors are not very helpful from IIS or ColdFusion. If you look through the exception logs, you'll find an error message like this:

javax.servlet.ServletException: https is forbidden

The cause of the problem is that the "transportReceiver" is set up to only work with http by default with ColdFusion 10.

Answer 1

For Windows:

Open the file {cfusionhome}\cfusion\wwwroot\WEB-INF\axis2.xml

Search for the following line:

<transportReceiver name="http"
                   class="coldfusion.xml.rpc.CFAxisServletListener"/>

Replace that line with:

<!--    <transportReceiver name="http"
                   class="coldfusion.xml.rpc.CFAxisServletListener"/> -->

<transportReceiver name="http" class="coldfusion.xml.rpc.CFAxisServletListener">
    <parameter name="port">80</parameter>
</transportReceiver>

<transportReceiver name="https" class="coldfusion.xml.rpc.CFAxisServletListener">
    <parameter name="port">443</parameter>
</transportReceiver>

Then restart the "ColdFusion 10 Application Server" service.