I'm in the process of migrating some CFML projects from Adobe ColdFusion 2016 to either CF2021 or Lucee. After the recent CF2016v17 update, I've been reading some reports of SSL connections not working and wanted to find out for myself if all platforms returned equivalent results when connecting to badssl.com. While badssl is meant for manual testing of security UI in web clients, it's the best (and only) public SSL testing endpoint that I could find.
Here's the TestBox unit CFC with 59 tests based on the SSL connection results that are currently expected by the Chromium browser. (8 of the tests failed to identify the SSL as "invalid", but that's because CFHTTP doesn't perform the same validity checks that Chromium does.)