The NetConnection.Connect.SSLHandshakeFailed status indicates that the
platform SSL library for the machine you're running the player on decided not
to complete the handshake for some reason. Unfortunately, the platform library
doesn't give the player much in the way of useful detail...
I think the most probable reason for the failure in your case is the use of an
IP in the CN field of your cert. You should use an actual domain name instead.
DynDNS can be a great way of creating a test domain name to use for this sort
of testing.
Best,
Seth
From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of ivhaggi
Sent: Thursday, December 04, 2008 2:11 PM
To: flexcoders@yahoogroups.com
Subject: [flexcoders] Re: Using RMTPS channel
Hi again Seth,
I follow your solution, I imported the certificate to my FireFox
browser to the section Your certificates.
I also import my cacert.cert into FireFox in the Authorities section
and in this
path/System/Library/Frameworks/JavaVM.framework/Home/lib/security, in
the cacerts file i have the next entry:
Alias name: myprivateca
Creation date: Dec 4, 2008
Entry type: trustedCertEntry
Owner: [EMAIL PROTECTED], CN=10.100.72.165,
OU=asigna, O=asigna, L=mexico, ST=mexico, C=MX
Issuer: [EMAIL PROTECTED], CN=10.100.72.165,
OU=asigna, O=asigna, L=mexico, ST=mexico, C=MX
Serial number: 875fed8624c6414d
Valid from: Thu Dec 04 12:31:19 CST 2008 until: Fri Dec 04 12:31:19
CST 2009
Certificate fingerprints:
MD5: 3D:AB:30:93:34:56:E7:DA:E6:41:D0:52:F9:38:54:E0
SHA1: E1:83:9E:4C:8C:A2:BB:EA:D0:EE:E8:14:EE:C1:6F:C9:F5:4C:91:7E
***
***
After i tried again in debug mode and the Flex Builder console show me
the next one:
'my-rtmps' channel got connect attempt status. (Object)#0
code = NetConnection.Connect.Failed
level = error
'my-rtmps' channel polling stopped.
'my-rtmps' channel connect failed.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with
Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038'
'7540C905-0C6E-84BE-E092-040409E73F95' consumer starting resubscribe
timer.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe.
'my-rtmps' channel got connect attempt status. (Object)#0
code = NetConnection.Connect.SSLHandshakeFailed
level = status
'7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe.
'my-rtmps' channel got connect attempt status. (Object)#0
code = NetConnection.Connect.Failed
level = error
'my-rtmps' channel polling stopped.
'my-rtmps' channel connect failed.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with
Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038'
'7540C905-0C6E-84BE-E092-040409E73F95' consumer trying to resubscribe.
'my-rtmps' channel got connect attempt status. (Object)#0
code = NetConnection.Connect.SSLHandshakeFailed
level = status
'7540C905-0C6E-84BE-E092-040409E73F95' consumer stopping resubscribe
timer.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer fault for
'7570FE6F-FBAC-B48A-F254-0404457B1783'.
'my-rtmps' channel got connect attempt status. (Object)#0
code = NetConnection.Connect.Failed
level = error
'my-rtmps' channel polling stopped.
'my-rtmps' channel connect failed.
'7540C905-0C6E-84BE-E092-040409E73F95' consumer channel faulted with
Channel.Connect.Failed undefined url:'rtmps://10.100.72.165:2038'
'7540C905-0C6E-84BE-E092-040409E73F95' consumer fault for
'7570FE6F-FBAC-B48A-F254-0404457B1783'.
What im doing wrong or what could be the problem??
Thank so much for your help Seth
--- In flexcoders@yahoogroups.com, Seth Hodgson [EMAIL PROTECTED] wrote:
The NetStatusEvent underlying the connect error you're seeing has
the code: NetConnection.Connect.CertificateUntrustedSigner
This indicates that the connection is being closed because the
server certificate (self-signed in your case) that you're using for
your SecureRTMPEndpoint is not in your browser's trust store.
This wouldn't be an issue if you were using a cert signed by a CA,
but can be more trouble when dealing with self-signed certs.
You need to import the server certificate into your browser's trust
store - Googling around should get you the info you need.
Also, the name in your server cert should match the domain name the
client is hitting, in this case, 10.100.72.165, so that might be
something else to double check.
Other than that, your configuration looks fine based on a quick skim.
Best,
Seth
From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED]
On Behalf Of ivhaggi
Sent: Wednesday, December 03, 2008 2:48 PM
To: flexcoders@yahoogroups.com
Subject: [flexcoders] Re: Using RMTPS channel
Thanks for your quickly response Seth Well this is the top of the
iceberg =P the problem began when i switch to use the SecureRTMP