SoZo Hosting 800-640-4892: Specializing In Windows Dedicated Server, Linux Dedicated Server, ColdFusion Dedicated Server, ColdFusion Hosting, Cloud Hosting, Windows Hosting, Linux Hosting, SEO, Web Full Page Ads...

How To Solve Connection Issue With Authorize.Net Updating Root CAs (Also Updating Keytool For ColdFusion)?


Login onto your web server that has the website that stopped connecting to after their May 27, 2015 security updates found on this link:  

On your windows web sever create a folder called AuthorizeNetMay2715CARootCerts.    Click on this link: and click on the download button and from the Root CA link, download all the .cer files to your new AuthorizeNetMay2715CARootCerts folder. Click on this link:  and only download the Root 2 - GeoTrust Global CARoot .cer file to your new AuthorizeNetMay2715CARootCerts folder.  Click on this link: and the 3rd header called CyberTrust, click on the .crt file link under that header and download to your new AuthorizeNetMay2715CARootCerts folder.  So now you have all the new .cer files to install.  If you dont have ColdFusion then you can skip down 3 paragraphs and go right to installing these in the MMC console in the first 5 MMC steps below.

Open  up windows explorer and find out where coldufsion is installed such as [drive letter] CFusionXX\runtime\jre\ folder where XX is the Coldfusion version.  Also look at the location where the leytool.exe is (drive letter] CFusionXX\runtime\jre\bin\ )  and where the cacerts file is  ([drive letter] CFusionXX\runtime\jre\lib\security\).  Make a copy of the [drive letter] CFusionXX\runtime\jre/lib\security\cacerts file in the same folder in case you mess up and have to go back to use the file again.  For saving keystrokes in the cmd line prompt section below for the keytool, I temporarily would copy all the .cer files in the new AuthorizeNetMay2715CARootCerts folder to {drive letter] CFusionXX\runtime\jre\bin folder just for 5 minutes while you run these commands then delete them out of the folder.  Open up a command prompt, navigate to the [drive letter] CFusionXX\runtime\jre\/bin\ folder and run this command for each of the .cer files.  We will assume for the example shown that Coldfusion is on the c drive and is version 9 and the cacerts file is in c:\CFusion9\runtime\jre\lib\security\cacerts folder. So type the following in the command line and hit the enter key entering a similar name for the NAMEOFCERTWITHOUTCEREXTENSION  and then the actual name of the .cer file after -file.

–import –trustcacerts -keystore c:\CFusion9\runtime\jre\lib\security\cacerts –storepass changeit –noprompt –alias NAMEOFCERTWITHOUTCEREXTENSION –file actualnameofcerfile.cer

After hitting enter of the above you should get an import successfully message. (note:   changeit above does not have a dash in front if it) . Press F3 to get back your last set of keystrokes and backspace up to alias NAMEOFCERTWITHOUTCEREXTENSION –file actualnameofcerfile.cer and replace it with the next name of the .cer file to import.  Do this for each .cer file. 


Now to import each of the .cer files you download into the MMC: with these steps:

1) Click on the Windows start menu (lower left corner of your screen) then choose the RUN menu then enter MMC in the run box and click on the enter button

2) Click on the top left menu of the MMC and select the ADD menu option to add a Snap in

3) From the list of smap ins, select the Certificates one, then next and select the bottom of the 3 choices (run on COMPUTER), next then click ADD then OK

4) You will see the certificates folder on the left of the MMC now so click on it and on the right side window pane, click on the root certificate authority folder as that is where these root CA .cer files go

5) Right click your mouse on the root certificate authority folder on the right side window pane and select import option.  This asks you where the .cer file is so navigate to the new AuthorizeNetMay2715CARootCerts folder click on the top .cer file and click  next then next and then the finish button and you get the message "Imported". Do this for all the .cer files

6) Delete the extra copy of the .cer files you make in the CFusionXX/runtime/jre/bin folder if you did that section for Coldfusion websites

7) Restart Coldfusion Application Services in the administration services screen.

Happy trails in your testing!



Sozo Hosting offers ColdFusion and Windows Dedicated Server solutions. We also offer windows cloud server and linux cloud server managed hosting solutions at attractive pricing!