2 Replies Latest reply on Dec 2, 2008 4:51 AM by sysfor

    Sefl-signed ssl certificate not possible?

    sysfor
      Hello everyone,

      could it be that oit is not even possible to let flex' webservice or httpservice connect to a
      https webservice that is secured by a self-signed certificate? There is absolutely no reason
      for me to buy a "real" certificate just for encryption purposes.
      I installed crossdomain.xml on the target server, the webservice is running fine when pasting
      the urls into the browser and I installed the certificate into IE (which I have to use here), so
      is gives no error and shows the nifty little lock in the address bar. But Flex refuses to work,
      except for running the app locally (means by clicking "run" in flex builder).
      I'm using Flex 2.01 if important.

      So, could anyone help me? Or is Flex just so ignorant to self-signed webservices?

      bye
      sysfor
        • 1. Re: Sefl-signed ssl certificate not possible?
          Mitek17 Level 1
          Hi sysfor,

          I am using the proper SSL certs in production and self-signed in development & testing, no problems so far.
          Flex/Flash does not deal with SSL certs authentications - this task is delegated to browser.

          So I presume that you are facing a different kind of a problem - your crossdomain.xml is not setup properly.
          Have you checked the policyfiles.txt log?
          Another point, you are probably doing the calls on direct URLS (https://myhost/path). Instead you should use a relative path. I.e. if your swf was downloaded from server myhost, then it should simply do the calls to ./path.

          Cheers,
          Dmitri.




          • 2. Re: Sefl-signed ssl certificate not possible?
            sysfor Level 1
            Hi Mitek17,

            thanks a lot for your answer, it pointed the way to the right solution ;)
            In fact, my problem was the crossdomain.xml policy, but I did not know
            about the use of policyfiles.txt before.
            My mistake was to set "secure='true'" in the "allow-access-from" tag,
            although my flex app was server unsecured, so I got this error.
            Addidionally, I can't use relative URLs because my app and my service
            reside on different subdomains, but that doen't seem to harm here.

            Anyway, thanks again for your answer
            sys