Enabling SSL results in some CFHTTP requests to fail.


We ran into a really confusing issue with some CFHTTP requests failing, with Unknown host: Received fatal alert: handshake_failure

As far as I can tell, this happens when SSL is enabled for CommandBox. When we disable SSL, the requests are made successfully.

Here's a repro case: https://github.com/mjclemente/commandbox-ssl-cfhttp-repro

The TLDR; is that when SSL is enabled, the requests fail, but when it's disabled, they succeed.

Note, enabling SSL does not cause all CFHTTP requests to fail - just a subset. For what it's worth, one of the commonalities seems to be that the sites that fail have certificates provided by Cloudflare.

Finally, this is a regression. The same code runs without issue on Commandbox 4.8


Miguel Mathus


Matthew Clemente


Affects versions

Fix versions