As Steve and Reed have pointed out, it is indeed a well-known problem. Two examples reported in this forum
http://forums.adobe.com/thread/1203444
http://forums.adobe.com/message/4246821#4246821
Generally, to use SSL in ColdFusion, you first have to import the certificate into the key store of ColdFusion's JRE. You may do so dynamically in 2 steps:
1) Test whether the site is SSL. If so, use cfexecute to run Openssl to download the certificate to a location on your server;
2) Use the Keytool utility to import the file from 1) into the keystore {JRE_DIR}/lib/security/cacerts of your ColdFusion installation.
However, not having tested this, I wonder whether it is possible to update the settings like this without restarting the server.