[flexcoders] Re: Using RMTPS channel
Hi again Seth, I follow your solution, I imported the certificate to my FireFox browser to the section Your certificates. I also import my cacert.cert into FireFox in the Authorities section and in this path/System/Library/Frameworks/JavaVM.framework/Home/lib/security, in the cacerts file i have the next entry: Alias name: myprivateca Creation date: Dec 4, 2008 Entry type: trustedCertEntry Owner: [EMAIL PROTECTED], CN=10.100.72.165, OU=asigna, O=asigna, L=mexico, ST=mexico, C=MX Issuer: [EMAIL PROTECTED], CN=10.100.72.165, OU=asigna, O=asigna, L=mexico, ST=mexico, C=MX Serial number: 875fed8624c6414d Valid from: Thu Dec 04 12:31:19 CST 2008 until: Fri Dec 04 12:31:19 CST 2009 Certificate fingerprints: MD5: 3D:AB:30:93:34:56:E7:DA:E6:41:D0:52:F9:38:54:E0 SHA1: E1:83:9E:4C:8C:A2:BB:EA:D0:EE:E8:14:EE:C1:6F:C9:F5:4C:91:7E *** *** After i tried again in debug mode and the Flex Builder console show me the next one: 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmps' channel polling stopped. 'my-rtmps' channel connect failed. '7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' '7540C905-0C6E-84BE-E092-040409E73F95' consumer starting resubscribe timer. '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.SSLHandshakeFailed level = status '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmps' channel polling stopped. 'my-rtmps' channel connect failed. '7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.SSLHandshakeFailed level = status '7540C905-0C6E-84BE-E092-040409E73F95' consumer stopping resubscribe timer. '7540C905-0C6E-84BE-E092-040409E73F95' consumer fault for '7570FE6F-FBAC-B48A-F254-0404457B1783'. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmps' channel polling stopped. 'my-rtmps' channel connect failed. '7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' '7540C905-0C6E-84BE-E092-040409E73F95' consumer fault for '7570FE6F-FBAC-B48A-F254-0404457B1783'. What im doing wrong or what could be the problem?? Thank so much for your help Seth --- In flexcoders@yahoogroups.com, Seth Hodgson [EMAIL PROTECTED] wrote: The NetStatusEvent underlying the connect error you're seeing has the code: NetConnection.Connect.CertificateUntrustedSigner This indicates that the connection is being closed because the server certificate (self-signed in your case) that you're using for your SecureRTMPEndpoint is not in your browser's trust store. This wouldn't be an issue if you were using a cert signed by a CA, but can be more trouble when dealing with self-signed certs. You need to import the server certificate into your browser's trust store - Googling around should get you the info you need. Also, the name in your server cert should match the domain name the client is hitting, in this case, 10.100.72.165, so that might be something else to double check. Other than that, your configuration looks fine based on a quick skim. Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi Sent: Wednesday, December 03, 2008 2:48 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Using RMTPS channel Thanks for your quickly response Seth Well this is the top of the iceberg =P the problem began when i switch to use the SecureRTMP channel, my scenario is: FireFox 3 Weblogic 9.2 LiveCycle Data Services 2.5.1 I have follow the instructions of this link http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?catid=583threadid=1242192 in order to create the keystore needed. Im using also the mx:TraceTarget/ in order to see, why the flex client is not connecting to the jms topic. My services-config.xml is the next one: channel-definition id=my-rtmps class=mx.messaging.channels.SecureRTMPChannel endpoint url=rtmps://10.100.72.165:2038 class=flex.messaging.endpoints.SecureRTMPEndpoint/ properties idle-timeout-minutes60/idle-timeout-minutes keystore-file/Users/ivanalvarez/.keystore/keystore-file keystore
RE: [flexcoders] Re: Using RMTPS channel
The NetConnection.Connect.SSLHandshakeFailed status indicates that the platform SSL library for the machine you're running the player on decided not to complete the handshake for some reason. Unfortunately, the platform library doesn't give the player much in the way of useful detail... I think the most probable reason for the failure in your case is the use of an IP in the CN field of your cert. You should use an actual domain name instead. DynDNS can be a great way of creating a test domain name to use for this sort of testing. Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi Sent: Thursday, December 04, 2008 2:11 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Using RMTPS channel Hi again Seth, I follow your solution, I imported the certificate to my FireFox browser to the section Your certificates. I also import my cacert.cert into FireFox in the Authorities section and in this path/System/Library/Frameworks/JavaVM.framework/Home/lib/security, in the cacerts file i have the next entry: Alias name: myprivateca Creation date: Dec 4, 2008 Entry type: trustedCertEntry Owner: [EMAIL PROTECTED], CN=10.100.72.165, OU=asigna, O=asigna, L=mexico, ST=mexico, C=MX Issuer: [EMAIL PROTECTED], CN=10.100.72.165, OU=asigna, O=asigna, L=mexico, ST=mexico, C=MX Serial number: 875fed8624c6414d Valid from: Thu Dec 04 12:31:19 CST 2008 until: Fri Dec 04 12:31:19 CST 2009 Certificate fingerprints: MD5: 3D:AB:30:93:34:56:E7:DA:E6:41:D0:52:F9:38:54:E0 SHA1: E1:83:9E:4C:8C:A2:BB:EA:D0:EE:E8:14:EE:C1:6F:C9:F5:4C:91:7E *** *** After i tried again in debug mode and the Flex Builder console show me the next one: 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmps' channel polling stopped. 'my-rtmps' channel connect failed. '7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' '7540C905-0C6E-84BE-E092-040409E73F95' consumer starting resubscribe timer. '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.SSLHandshakeFailed level = status '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmps' channel polling stopped. 'my-rtmps' channel connect failed. '7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' '7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.SSLHandshakeFailed level = status '7540C905-0C6E-84BE-E092-040409E73F95' consumer stopping resubscribe timer. '7540C905-0C6E-84BE-E092-040409E73F95' consumer fault for '7570FE6F-FBAC-B48A-F254-0404457B1783'. 'my-rtmps' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmps' channel polling stopped. 'my-rtmps' channel connect failed. '7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' '7540C905-0C6E-84BE-E092-040409E73F95' consumer fault for '7570FE6F-FBAC-B48A-F254-0404457B1783'. What im doing wrong or what could be the problem?? Thank so much for your help Seth --- In flexcoders@yahoogroups.com, Seth Hodgson [EMAIL PROTECTED] wrote: The NetStatusEvent underlying the connect error you're seeing has the code: NetConnection.Connect.CertificateUntrustedSigner This indicates that the connection is being closed because the server certificate (self-signed in your case) that you're using for your SecureRTMPEndpoint is not in your browser's trust store. This wouldn't be an issue if you were using a cert signed by a CA, but can be more trouble when dealing with self-signed certs. You need to import the server certificate into your browser's trust store - Googling around should get you the info you need. Also, the name in your server cert should match the domain name the client is hitting, in this case, 10.100.72.165, so that might be something else to double check. Other than that, your configuration looks fine based on a quick skim. Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi Sent: Wednesday, December 03, 2008 2:48 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Using RMTPS channel Thanks for your quickly response Seth Well this is the top of the iceberg =P the problem began when i switch to use the SecureRTMP channel
[flexcoders] Re: Using RMTPS channel
Thanks for your quickly response Seth Well this is the top of the iceberg =P the problem began when i switch to use the SecureRTMP channel, my scenario is: FireFox 3 Weblogic 9.2 LiveCycle Data Services 2.5.1 I have follow the instructions of this link http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?catid=583threadid=1242192 in order to create the keystore needed. Im using also the mx:TraceTarget/ in order to see, why the flex client is not connecting to the jms topic. My services-config.xml is the next one: channel-definition id=my-rtmps class=mx.messaging.channels.SecureRTMPChannel endpoint url=rtmps://10.100.72.165:2038 class=flex.messaging.endpoints.SecureRTMPEndpoint/ properties idle-timeout-minutes60/idle-timeout-minutes keystore-file/Users/ivanalvarez/.keystore/keystore-file keystore-passwordmysecret/keystore-password /properties /channel-definition With this configuration im getting from the flex builder console something like this: '50AAE63C-2313-1A9C-3F32-FF00D0C1EBEF' producer acknowledge of '608F502B-1676-3E78-5E1C-FF014898CB30'. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.CertificateUntrustedSigner level = status 'B96CEE26-A82C-4240-93C1-FF014871F02A' producer acknowledge of 'F1BE9D60-E49D-C5CB-F54D-FF014A1433C2'. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmp' channel polling stopped. 'my-rtmp' channel connect failed. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer starting resubscribe timer. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.CertificateUntrustedSigner level = status 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmp' channel polling stopped. 'my-rtmp' channel connect failed. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.CertificateUntrustedSigner level = status 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer stopping resubscribe timer. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer fault for '4843355D-D7FE-9CC7-28C8-FF0184426C29'. Does any of you have had this kind of problem, which would be the best way to solve this problem? Thank very much in advanced --- In flexcoders@yahoogroups.com, Seth Hodgson [EMAIL PROTECTED] wrote: Hi Ivan, No, SecureRTMPChannel has no dependency on SecureAMFChannel. More info here: http://livedocs.adobe.com/livecycle/8.2/programLC/programmer/lcds/help.html?content=lcconfig_1.html Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi Sent: Tuesday, December 02, 2008 1:33 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Using RMTPS channel Hi group, i have a simple question, If i want to use the SecureRTMPChannel its a must the SecureAMFChannel be enabled? Thanks in advanced. Ivan.
RE: [flexcoders] Re: Using RMTPS channel
The NetStatusEvent underlying the connect error you're seeing has the code: NetConnection.Connect.CertificateUntrustedSigner This indicates that the connection is being closed because the server certificate (self-signed in your case) that you're using for your SecureRTMPEndpoint is not in your browser's trust store. This wouldn't be an issue if you were using a cert signed by a CA, but can be more trouble when dealing with self-signed certs. You need to import the server certificate into your browser's trust store - Googling around should get you the info you need. Also, the name in your server cert should match the domain name the client is hitting, in this case, 10.100.72.165, so that might be something else to double check. Other than that, your configuration looks fine based on a quick skim. Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi Sent: Wednesday, December 03, 2008 2:48 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Using RMTPS channel Thanks for your quickly response Seth Well this is the top of the iceberg =P the problem began when i switch to use the SecureRTMP channel, my scenario is: FireFox 3 Weblogic 9.2 LiveCycle Data Services 2.5.1 I have follow the instructions of this link http://www.adobe.com/cfusion/webforums/forum/messageview.cfm?catid=583threadid=1242192 in order to create the keystore needed. Im using also the mx:TraceTarget/ in order to see, why the flex client is not connecting to the jms topic. My services-config.xml is the next one: channel-definition id=my-rtmps class=mx.messaging.channels.SecureRTMPChannel endpoint url=rtmps://10.100.72.165:2038 class=flex.messaging.endpoints.SecureRTMPEndpoint/ properties idle-timeout-minutes60/idle-timeout-minutes keystore-file/Users/ivanalvarez/.keystore/keystore-file keystore-passwordmysecret/keystore-password /properties /channel-definition With this configuration im getting from the flex builder console something like this: '50AAE63C-2313-1A9C-3F32-FF00D0C1EBEF' producer acknowledge of '608F502B-1676-3E78-5E1C-FF014898CB30'. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.CertificateUntrustedSigner level = status 'B96CEE26-A82C-4240-93C1-FF014871F02A' producer acknowledge of 'F1BE9D60-E49D-C5CB-F54D-FF014A1433C2'. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmp' channel polling stopped. 'my-rtmp' channel connect failed. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer starting resubscribe timer. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.CertificateUntrustedSigner level = status 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.Failed level = error 'my-rtmp' channel polling stopped. 'my-rtmp' channel connect failed. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer channel faulted with Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038' 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer trying to resubscribe. 'my-rtmp' channel got connect attempt status. (Object)#0 code = NetConnection.Connect.CertificateUntrustedSigner level = status 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer stopping resubscribe timer. 'EBCA076E-686F-8A0F-D36E-FF0148778098' consumer fault for '4843355D-D7FE-9CC7-28C8-FF0184426C29'. Does any of you have had this kind of problem, which would be the best way to solve this problem? Thank very much in advanced --- In flexcoders@yahoogroups.com, Seth Hodgson [EMAIL PROTECTED] wrote: Hi Ivan, No, SecureRTMPChannel has no dependency on SecureAMFChannel. More info here: http://livedocs.adobe.com/livecycle/8.2/programLC/programmer/lcds/help.html?content=lcconfig_1.html Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi Sent: Tuesday, December 02, 2008 1:33 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Using RMTPS channel Hi group, i have a simple question, If i want to use the SecureRTMPChannel its a must the SecureAMFChannel be enabled? Thanks in advanced. Ivan.