Thomas and Kim, Thanks for your thought and suggestions. It is indeed working as designed I believe. What confused me is I saw the ID and password in the packet flows for the Code Server. I think that makes sense when running in dev mode. If I examine the only the packets for the built-in server, then indeed they are encrypted.
I also validated by running against a tomcat v6 server with SSL enabled. Again, your assistance is very much appreciated. Mike On Thursday, January 10, 2013 3:00:45 PM UTC-8, kim young ill wrote: > > are u sure the wireshark catch the right channel/device ? > try with openssl to localhost to see if the connection is ssl or not > > sth like: > openssl s_client -connect host:port > > hth > > > On Thu, Jan 10, 2013 at 5:24 PM, Thomas Broyer <[email protected]<javascript:> > > wrote: > >> >> >> On Thursday, January 10, 2013 4:59:47 PM UTC+1, Mike wrote: >>> >>> I used wireshark to examine the packets. All the packet exchanges were >>> TCP and the payloads were clearly readable. There was not handshake and >>> no encrypted packets. >>> >> >> I'd swear it worked OK for me (used tcmdump and wireshark); and if your >> browser tells you it's over HTTPS (even with a weak certificate), then I >> wouldn't contradict it. >> >> >> -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/6Nz1TOYGjAkJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
