[flexcoders] Re: Self Signed Cert. For Secure SecureRTMPChannel

2007-02-12 Thread vitopn 
After a lot of struggling I finally got rtmps and https channels
working with self signed certificates (using openssl as a personal
certificate authority)

see this post
http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?catid=583&threadid=1242192

Doug,
  Thank you for your help.  The cacerts tip was key.


Cheers,
-Vito

--- In flexcoders@yahoogroups.com, "vitopn" <[EMAIL PROTECTED]> wrote:
>
> Tried that, still getting
> "NetConnection.Connect.CertificateUntrustedSigner".
> 
> I also tried putting the cert in firefox but that didn't work either.
>  Where exactly is Flex looking for the cert chain?
> 
> Has anyone used a self signed cert for SecureRTMP?  If so, a quick
> step by step post would really really be appreciated.
> 
> Thank you,
> -Vito
> 
> --- In flexcoders@yahoogroups.com, "Doug Lowder"  wrote:
> >
> > See if you have a keystore named "cacerts" under your Java
> > installation folder, and if so add the key to that keystore as well.
> > 
> > --- In flexcoders@yahoogroups.com, "vitopn"  wrote:
> > >
> > > Hi Doug,
> > > 
> > >   I'm fairly certain that the self-signed cert is in the keystore. 
> > > (Doesn't "keytool -genkey .." store the newly generated cert in the
> > > keystore?)  I am doing a list and the flex2cert is in there.
> > > 
> > > C:\Documents and Settings\vitopn>keytool -list -keystore
> > > C:\Tomcat\webapps\Presidio\WEB-INF\flex\.keystore
> > > Enter keystore password:  changeit
> > > 
> > > Keystore type: jks
> > > Keystore provider: SUN
> > > 
> > > Your keystore contains 2 entries
> > > 
> > > tomcat, Feb 8, 2007, keyEntry,
> > > Certificate fingerprint (MD5):
> > > FB:13:46:DE:C5:F9:BA:F7:D0:57:95:58:D5:AA:80:4F
> > > flex2cert, Feb 8, 2007, keyEntry,
> > > Certificate fingerprint (MD5):
> > > B5:8D:4C:DD:01:9B:09:01:3E:88:B9:90:4D:8F:70:6C
> > > 
> > > Any other thoughts?
> > > 
> > > Thank you,
> > > -Vito
> > > 
> > > --- In flexcoders@yahoogroups.com, "Doug Lowder" 
wrote:
> > > >
> > > > 
> > > > Looks like you didn't add the self-signed certificate to the
> > keystore. 
> > > > Check out the "keytool -import" command.
> > > > 
> > > >
> > >
> >
>
http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html#Comman\
> > > > ds
> > > >
> > >
> >
>
 > > > nds> 
> > > >
> > >
> >
>
 > > > nds>
> > > > 
> > > > 
> > > > --- In flexcoders@yahoogroups.com, "vitopn"  wrote:
> > > > >
> > > > > What steps do I need to take to get a self signed certificate to
> > work
> > > > > with SecureRTMPChannel?
> > > > >
> > > > > I generate the keystore file with something like this:
> > > > > keytool -genkey -alias flex2cert -dname "CN=localhost,
> OU=Presidio,
> > > > > O=Presidio, L=San Francisco, S=California, C=CA" -validity 3650
> > > > >
> > > > > and configure the channel like this:
> > > > >  > > > > class="mx.messaging.channels.SecureRTMPChannel">
> > > > >  > > > > class="flex.messaging.endpoints.SecureRTMPEndpoint" />
> > > > > 
> > > > > 20
> > > > >
> > > >
> > >
> >
>
C:/Tomcat/webapps/Presidio/WEB-INF/flex/.keystore > > > re-file>
> > > > > changeit
> > > > > 
> > > > > 
> > > > >
> > > > >
> > > > > The server starts and I see this in the console:
> > > > > [Flex][INFO] Endpoint secureRTMP created with security: None
> > > > > at URI: rtmps://localhost:2099
> > > > > [Flex][WARN] The current license does not support clustering;
> > > > > clustering for all destinations is disabled.
> > > > > [Flex][INFO] RTMPS-Server listening on port:2099
> > > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-0
> > > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-1
> > > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-2
> > > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-3
> > > > >
> > > > >
> > > > > When I try to connect I get this:
> > > > >
> > > > > 'secureRTMP' channel got status. (Object)#0
> > > > > code = "NetConnection.Connect.CertificateUntrustedSigner"
> > > > > level = "status"
> > > > >
> > > > >
> > > > > Thank you,
> > > > > -Vito
> > > > >
> > > >
> > >
> >
>

[flexcoders] Re: Self Signed Cert. For Secure SecureRTMPChannel

2007-02-12 Thread vitopn 
Tried that, still getting
"NetConnection.Connect.CertificateUntrustedSigner".

I also tried putting the cert in firefox but that didn't work either.
 Where exactly is Flex looking for the cert chain?

Has anyone used a self signed cert for SecureRTMP?  If so, a quick
step by step post would really really be appreciated.

Thank you,
-Vito

--- In flexcoders@yahoogroups.com, "Doug Lowder" <[EMAIL PROTECTED]> wrote:
>
> See if you have a keystore named "cacerts" under your Java
> installation folder, and if so add the key to that keystore as well.
> 
> --- In flexcoders@yahoogroups.com, "vitopn"  wrote:
> >
> > Hi Doug,
> > 
> >   I'm fairly certain that the self-signed cert is in the keystore. 
> > (Doesn't "keytool -genkey .." store the newly generated cert in the
> > keystore?)  I am doing a list and the flex2cert is in there.
> > 
> > C:\Documents and Settings\vitopn>keytool -list -keystore
> > C:\Tomcat\webapps\Presidio\WEB-INF\flex\.keystore
> > Enter keystore password:  changeit
> > 
> > Keystore type: jks
> > Keystore provider: SUN
> > 
> > Your keystore contains 2 entries
> > 
> > tomcat, Feb 8, 2007, keyEntry,
> > Certificate fingerprint (MD5):
> > FB:13:46:DE:C5:F9:BA:F7:D0:57:95:58:D5:AA:80:4F
> > flex2cert, Feb 8, 2007, keyEntry,
> > Certificate fingerprint (MD5):
> > B5:8D:4C:DD:01:9B:09:01:3E:88:B9:90:4D:8F:70:6C
> > 
> > Any other thoughts?
> > 
> > Thank you,
> > -Vito
> > 
> > --- In flexcoders@yahoogroups.com, "Doug Lowder"  wrote:
> > >
> > > 
> > > Looks like you didn't add the self-signed certificate to the
> keystore. 
> > > Check out the "keytool -import" command.
> > > 
> > >
> >
>
http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html#Comman\
> > > ds
> > >
> >
>
 > > nds> 
> > >
> >
>
 > > nds>
> > > 
> > > 
> > > --- In flexcoders@yahoogroups.com, "vitopn"  wrote:
> > > >
> > > > What steps do I need to take to get a self signed certificate to
> work
> > > > with SecureRTMPChannel?
> > > >
> > > > I generate the keystore file with something like this:
> > > > keytool -genkey -alias flex2cert -dname "CN=localhost,
OU=Presidio,
> > > > O=Presidio, L=San Francisco, S=California, C=CA" -validity 3650
> > > >
> > > > and configure the channel like this:
> > > >  > > > class="mx.messaging.channels.SecureRTMPChannel">
> > > >  > > > class="flex.messaging.endpoints.SecureRTMPEndpoint" />
> > > > 
> > > > 20
> > > >
> > >
> >
>
C:/Tomcat/webapps/Presidio/WEB-INF/flex/.keystore > > re-file>
> > > > changeit
> > > > 
> > > > 
> > > >
> > > >
> > > > The server starts and I see this in the console:
> > > > [Flex][INFO] Endpoint secureRTMP created with security: None
> > > > at URI: rtmps://localhost:2099
> > > > [Flex][WARN] The current license does not support clustering;
> > > > clustering for all destinations is disabled.
> > > > [Flex][INFO] RTMPS-Server listening on port:2099
> > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-0
> > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-1
> > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-2
> > > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-3
> > > >
> > > >
> > > > When I try to connect I get this:
> > > >
> > > > 'secureRTMP' channel got status. (Object)#0
> > > > code = "NetConnection.Connect.CertificateUntrustedSigner"
> > > > level = "status"
> > > >
> > > >
> > > > Thank you,
> > > > -Vito
> > > >
> > >
> >
>

[flexcoders] Re: Self Signed Cert. For Secure SecureRTMPChannel

2007-02-10 Thread Doug Lowder 
See if you have a keystore named "cacerts" under your Java
installation folder, and if so add the key to that keystore as well.

--- In flexcoders@yahoogroups.com, "vitopn" <[EMAIL PROTECTED]> wrote:
>
> Hi Doug,
> 
>   I'm fairly certain that the self-signed cert is in the keystore. 
> (Doesn't "keytool -genkey .." store the newly generated cert in the
> keystore?)  I am doing a list and the flex2cert is in there.
> 
> C:\Documents and Settings\vitopn>keytool -list -keystore
> C:\Tomcat\webapps\Presidio\WEB-INF\flex\.keystore
> Enter keystore password:  changeit
> 
> Keystore type: jks
> Keystore provider: SUN
> 
> Your keystore contains 2 entries
> 
> tomcat, Feb 8, 2007, keyEntry,
> Certificate fingerprint (MD5):
> FB:13:46:DE:C5:F9:BA:F7:D0:57:95:58:D5:AA:80:4F
> flex2cert, Feb 8, 2007, keyEntry,
> Certificate fingerprint (MD5):
> B5:8D:4C:DD:01:9B:09:01:3E:88:B9:90:4D:8F:70:6C
> 
> Any other thoughts?
> 
> Thank you,
> -Vito
> 
> --- In flexcoders@yahoogroups.com, "Doug Lowder"  wrote:
> >
> > 
> > Looks like you didn't add the self-signed certificate to the
keystore. 
> > Check out the "keytool -import" command.
> > 
> >
>
http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html#Comman\
> > ds
> >
>
 > nds> 
> >
>
 > nds>
> > 
> > 
> > --- In flexcoders@yahoogroups.com, "vitopn"  wrote:
> > >
> > > What steps do I need to take to get a self signed certificate to
work
> > > with SecureRTMPChannel?
> > >
> > > I generate the keystore file with something like this:
> > > keytool -genkey -alias flex2cert -dname "CN=localhost, OU=Presidio,
> > > O=Presidio, L=San Francisco, S=California, C=CA" -validity 3650
> > >
> > > and configure the channel like this:
> > >  > > class="mx.messaging.channels.SecureRTMPChannel">
> > >  > > class="flex.messaging.endpoints.SecureRTMPEndpoint" />
> > > 
> > > 20
> > >
> >
>
C:/Tomcat/webapps/Presidio/WEB-INF/flex/.keystore > re-file>
> > > changeit
> > > 
> > > 
> > >
> > >
> > > The server starts and I see this in the console:
> > > [Flex][INFO] Endpoint secureRTMP created with security: None
> > > at URI: rtmps://localhost:2099
> > > [Flex][WARN] The current license does not support clustering;
> > > clustering for all destinations is disabled.
> > > [Flex][INFO] RTMPS-Server listening on port:2099
> > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-0
> > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-1
> > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-2
> > > [Flex][DEBUG] Created worker thread: RTMPS-Worker-3
> > >
> > >
> > > When I try to connect I get this:
> > >
> > > 'secureRTMP' channel got status. (Object)#0
> > > code = "NetConnection.Connect.CertificateUntrustedSigner"
> > > level = "status"
> > >
> > >
> > > Thank you,
> > > -Vito
> > >
> >
>

[flexcoders] Re: Self Signed Cert. For Secure SecureRTMPChannel

2007-02-09 Thread vitopn 
Hi Doug,

  I'm fairly certain that the self-signed cert is in the keystore. 
(Doesn't "keytool -genkey .." store the newly generated cert in the
keystore?)  I am doing a list and the flex2cert is in there.

C:\Documents and Settings\vitopn>keytool -list -keystore
C:\Tomcat\webapps\Presidio\WEB-INF\flex\.keystore
Enter keystore password:  changeit

Keystore type: jks
Keystore provider: SUN

Your keystore contains 2 entries

tomcat, Feb 8, 2007, keyEntry,
Certificate fingerprint (MD5):
FB:13:46:DE:C5:F9:BA:F7:D0:57:95:58:D5:AA:80:4F
flex2cert, Feb 8, 2007, keyEntry,
Certificate fingerprint (MD5):
B5:8D:4C:DD:01:9B:09:01:3E:88:B9:90:4D:8F:70:6C

Any other thoughts?

Thank you,
-Vito

--- In flexcoders@yahoogroups.com, "Doug Lowder" <[EMAIL PROTECTED]> wrote:
>
> 
> Looks like you didn't add the self-signed certificate to the keystore. 
> Check out the "keytool -import" command.
> 
>
http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html#Comman\
> ds
>
 nds> 
>
 nds>
> 
> 
> --- In flexcoders@yahoogroups.com, "vitopn"  wrote:
> >
> > What steps do I need to take to get a self signed certificate to work
> > with SecureRTMPChannel?
> >
> > I generate the keystore file with something like this:
> > keytool -genkey -alias flex2cert -dname "CN=localhost, OU=Presidio,
> > O=Presidio, L=San Francisco, S=California, C=CA" -validity 3650
> >
> > and configure the channel like this:
> >  > class="mx.messaging.channels.SecureRTMPChannel">
> >  > class="flex.messaging.endpoints.SecureRTMPEndpoint" />
> > 
> > 20
> >
>
C:/Tomcat/webapps/Presidio/WEB-INF/flex/.keystore re-file>
> > changeit
> > 
> > 
> >
> >
> > The server starts and I see this in the console:
> > [Flex][INFO] Endpoint secureRTMP created with security: None
> > at URI: rtmps://localhost:2099
> > [Flex][WARN] The current license does not support clustering;
> > clustering for all destinations is disabled.
> > [Flex][INFO] RTMPS-Server listening on port:2099
> > [Flex][DEBUG] Created worker thread: RTMPS-Worker-0
> > [Flex][DEBUG] Created worker thread: RTMPS-Worker-1
> > [Flex][DEBUG] Created worker thread: RTMPS-Worker-2
> > [Flex][DEBUG] Created worker thread: RTMPS-Worker-3
> >
> >
> > When I try to connect I get this:
> >
> > 'secureRTMP' channel got status. (Object)#0
> > code = "NetConnection.Connect.CertificateUntrustedSigner"
> > level = "status"
> >
> >
> > Thank you,
> > -Vito
> >
>

[flexcoders] Re: Self Signed Cert. For Secure SecureRTMPChannel

2007-02-09 Thread Doug Lowder 

Looks like you didn't add the self-signed certificate to the keystore. 
Check out the "keytool -import" command.

http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html#Comman\
ds
 



--- In flexcoders@yahoogroups.com, "vitopn" <[EMAIL PROTECTED]> wrote:
>
> What steps do I need to take to get a self signed certificate to work
> with SecureRTMPChannel?
>
> I generate the keystore file with something like this:
> keytool -genkey -alias flex2cert -dname "CN=localhost, OU=Presidio,
> O=Presidio, L=San Francisco, S=California, C=CA" -validity 3650
>
> and configure the channel like this:
>  class="mx.messaging.channels.SecureRTMPChannel">
>  class="flex.messaging.endpoints.SecureRTMPEndpoint" />
> 
> 20
>
C:/Tomcat/webapps/Presidio/WEB-INF/flex/.keystore
> changeit
> 
> 
>
>
> The server starts and I see this in the console:
> [Flex][INFO] Endpoint secureRTMP created with security: None
> at URI: rtmps://localhost:2099
> [Flex][WARN] The current license does not support clustering;
> clustering for all destinations is disabled.
> [Flex][INFO] RTMPS-Server listening on port:2099
> [Flex][DEBUG] Created worker thread: RTMPS-Worker-0
> [Flex][DEBUG] Created worker thread: RTMPS-Worker-1
> [Flex][DEBUG] Created worker thread: RTMPS-Worker-2
> [Flex][DEBUG] Created worker thread: RTMPS-Worker-3
>
>
> When I try to connect I get this:
>
> 'secureRTMP' channel got status. (Object)#0
> code = "NetConnection.Connect.CertificateUntrustedSigner"
> level = "status"
>
>
> Thank you,
> -Vito
>