I have a flex mobile app developed using the 4.6 SDK. I have used the Data/Services wizard to create a link with an ASP .NET webservice that lives on our primary production webserver and supplies information to the Flex Mobile app. Even though the URL is specified as being HTTPS, none of the data is being encrypted as it flows between the mobile app and the service on the webserver. This causes any data such as credentials for validation to be passed back and forth in plain text which is a disaster!
I've seen mention of the ChannelSets (especially the SecureHTTPChannel) but I'm not sure if I am supposed to use this in addition to what the normal Flex webservice wizard already generated for me? All of the documentation and google searching appear to point out examples that are way out of date. Any help you folks could provide would be greatly appreciated!
Do you have a services-config.xml file? Usually channels are described in a config file, which includes options for creating a secure channel.
This page might have some useful info on it:
drkstr_1, thanks for the reply! Was starting to feel alone . Quoting from the link you sent me (which I had previously discovered when originally googling the issue) 'You can always use the HTTPService and WebService components instead of RemoteObject' - I am already using the WebService component built into the Flex 4.6 framework so I am not using the RemoteObject approach. Additionally, the flex application I am developing is a mobile app designed to be deployed to the various different app stores and it is calling into an ASP .NET webservice so I really don't see where a 'services-config.xml' file would fit into this equation at all...
Any other ideas?