Thanks Laurence,
1. In my Flex source code, I have in various files > ><mx:RemoteObject id="myServices" > destination="ColdFusion" > source="famous.connectors.mycfcfile" > showBusyCursor="true" > fault="Alert.show(event.fault.faultString, 'Error')"> > > >Do I need to change the destination to SecureColdFusion in above code or if I >make the changes I mentioned in remoting-config.xml it will be sufficient? >Sorry, if my question is naive. > > The destination in your RemoteObject is where it will send all ColdFusion requests -- if that destination is named ABCXYZ123, it doesn't matter, as long as that destination exists in your remoting-config.xml file and its channel-ref is set to "my-cfamf-secure". So, whatever changes you decide to make to your .xml files, just make sure that the destination name is set the same in both your Flex program and the CF .xml files... Thanks for clarifying, so I what I thought needs to be done is fortunately correct. The cool thing is -- if you want some of your CF requests to be secure, and others not to be (because secure channels are usually slower), you simply create two destinations in your remoting-config.xml file -- one that points to my-cfamf and the other one that points to my-cfamf-secure. Then set the destination in your Flex code accordingly... Thanks, I did not know that could be done. > >4. How do I create a secure server-cert so that I can use it on the >development >machine? I looked at http://msdn.microsoft.com/en-us/library/ms751408.aspx and >but don't have Visual Studio installed so don't have the makecert.exe. I am >using IIS 5.1 on a Win XP Professional OS. > I used WinServer 2003, with IIS 6, so I had all that stuff installed already... Unfortunately I can't help you with IIS 5.1 and Win XP... I have no experience with that... Maybe you can upgrade to IIS 6.0? I'm honestly not sure if that would even solve the problem -- all I know is my WinServer 2003 box came with IIS 6.0 installed, and had all the stuff I needed to make a cert of my own... Then I had to add it to my trusted-certs store in each of my browsers on each of the machines I use... Fun! (NOT!) I saw a link http://www.dylanbeattie.net/docs/openssl_iis_ssl_howto.html and have to try it out. Hope it works fine. One last thing I should mention -- you will have to create a cross-domain policy file... crossdomain.xml It's different for each specific server that you're going to be working with, so you can't use the same one from server-to-server. (And your production server, if it's serving any other Flash-related stuff, should already have one.) So you'll have to do a bit of research to figure out how to set up your own crossdomain.xml file, if you don't already have one... If you don't have a crossdomain.xml file in the root of your web-server, Flash Player will refuse to load secure content, in most cases... Or it will constantly give you "Do you trust this site?" messages... Either way, not good. So lookup crossdomain.xml and start reading. :-) The production server currently is hosting the earlier version of this project as secure content. Can I assume I should be OK? Thank you for your time and advice. ------------------------------------------------------------- To unsubscribe from this list, simply email the list with unsubscribe in the subject line For more info, see http://www.affug.com Archive @ http://www.mail-archive.com/discussion%40affug.com/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
