Re: SV: [Flashcoders] certificate
Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
SV: SV: [Flashcoders] certificate
Oh yes and it is actually a bit har d to tell you where exactly things may fall apart:) 1. make sure that the crossdomain file responds on both http and https. Makes sure that the secure attribute is set to false allow-access-from domain=domainA secure=false / 2. If you have a swf on http loading in a swf or service on https you must declare System.security.allowInsecureDomain() inside the http swf ewven though its on the same domain (flash does not treat http://domain.com and https://domain.com equally) 3. Did you install your self signed certicate in the browser? If you hit any https page on the server do you get an alert the first time in the session? If so flash don't like that and you need to install the certificate first if possible. Another solution is to hit any https page on the server before launching your flash app because the alert only happens the first time in the session. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 10:11 Til: Flashcoders mailing list Emne: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: SV: SV: [Flashcoders] certificate
Thanks a lot, Martin! I don't call a swf from antoher, I will have a project on a http:1024 server and will call webservices on another server, on https:8443. The next version will have a Flash Media Server between the 2 others. We've finally found the problem !! it works now but there's still something not very clear. There were 2 problems : the developper by the customer had told me that he had put the crossdomain.xml in the root folder, but he did in the project root folder, not the server one... 2 days to find this out ... argh !! The ohter thing is the strange one : to make it run, my html page holding the calling swf has to be also on a https:8443 server also !! Even if it's antoher server, ohter domain, etc... if I change the port or let it without https, I doesn't work why? PR Martin Baltzer a écrit : Oh yes and it is actually a bit har d to tell you where exactly things may fall apart:) 1. make sure that the crossdomain file responds on both http and https. Makes sure that the secure attribute is set to false allow-access-from domain=domainA secure=false / 2. If you have a swf on http loading in a swf or service on https you must declare System.security.allowInsecureDomain() inside the http swf ewven though its on the same domain (flash does not treat http://domain.com and https://domain.com equally) 3. Did you install your self signed certicate in the browser? If you hit any https page on the server do you get an alert the first time in the session? If so flash don't like that and you need to install the certificate first if possible. Another solution is to hit any https page on the server before launching your flash app because the alert only happens the first time in the session. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 10:11 Til: Flashcoders mailing list Emne: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
SV: SV: SV: [Flashcoders] certificate
Because changing protocol, port or server makes flash thinks its crossing domains :) So you still have a crossdomain issue and need to be aware of possible inSecuredomain issues! 1.Go back and try http to http on different servers! If it works crossdomain issues should be ok 2. If step 1 works then try to switch vack to load from https and see what happens. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:05 Til: Flashcoders mailing list Emne: Re: SV: SV: [Flashcoders] certificate Thanks a lot, Martin! I don't call a swf from antoher, I will have a project on a http:1024 server and will call webservices on another server, on https:8443. The next version will have a Flash Media Server between the 2 others. We've finally found the problem !! it works now but there's still something not very clear. There were 2 problems : the developper by the customer had told me that he had put the crossdomain.xml in the root folder, but he did in the project root folder, not the server one... 2 days to find this out ... argh !! The ohter thing is the strange one : to make it run, my html page holding the calling swf has to be also on a https:8443 server also !! Even if it's antoher server, ohter domain, etc... if I change the port or let it without https, I doesn't work why? PR Martin Baltzer a écrit : Oh yes and it is actually a bit har d to tell you where exactly things may fall apart:) 1. make sure that the crossdomain file responds on both http and https. Makes sure that the secure attribute is set to false allow-access-from domain=domainA secure=false / 2. If you have a swf on http loading in a swf or service on https you must declare System.security.allowInsecureDomain() inside the http swf ewven though its on the same domain (flash does not treat http://domain.com and https://domain.com equally) 3. Did you install your self signed certicate in the browser? If you hit any https page on the server do you get an alert the first time in the session? If so flash don't like that and you need to install the certificate first if possible. Another solution is to hit any https page on the server before launching your flash app because the alert only happens the first time in the session. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 10:11 Til: Flashcoders mailing list Emne: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call
Re: SV: SV: SV: [Flashcoders] certificate
Ok, thank you very much Martin Baltzer We will have first to connect the application to the webservices as ths ws calls run, and after this we'll try your method. I just didn't understand why you set the allow-access-from tag to false? it concerns the caller? Will this false value allow the secured domain to accept requests from unsecured ones? Thx once more, PR Martin Baltzer a écrit : Because changing protocol, port or server makes flash thinks its crossing domains :) So you still have a crossdomain issue and need to be aware of possible inSecuredomain issues! 1.Go back and try http to http on different servers! If it works crossdomain issues should be ok 2. If step 1 works then try to switch vack to load from https and see what happens. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:05 Til: Flashcoders mailing list Emne: Re: SV: SV: [Flashcoders] certificate Thanks a lot, Martin! I don't call a swf from antoher, I will have a project on a http:1024 server and will call webservices on another server, on https:8443. The next version will have a Flash Media Server between the 2 others. We've finally found the problem !! it works now but there's still something not very clear. There were 2 problems : the developper by the customer had told me that he had put the crossdomain.xml in the root folder, but he did in the project root folder, not the server one... 2 days to find this out ... argh !! The ohter thing is the strange one : to make it run, my html page holding the calling swf has to be also on a https:8443 server also !! Even if it's antoher server, ohter domain, etc... if I change the port or let it without https, I doesn't work why? PR Martin Baltzer a écrit : Oh yes and it is actually a bit har d to tell you where exactly things may fall apart:) 1. make sure that the crossdomain file responds on both http and https. Makes sure that the secure attribute is set to false allow-access-from domain=domainA secure=false / 2. If you have a swf on http loading in a swf or service on https you must declare System.security.allowInsecureDomain() inside the http swf ewven though its on the same domain (flash does not treat http://domain.com and https://domain.com equally) 3. Did you install your self signed certicate in the browser? If you hit any https page on the server do you get an alert the first time in the session? If so flash don't like that and you need to install the certificate first if possible. Another solution is to hit any https page on the server before launching your flash app because the alert only happens the first time in the session. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 10:11 Til: Flashcoders mailing list Emne: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant
SV: SV: SV: SV: [Flashcoders] certificate
Yes exactly -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:25 Til: Flashcoders mailing list Emne: Re: SV: SV: SV: [Flashcoders] certificate Ok, thank you very much Martin Baltzer We will have first to connect the application to the webservices as ths ws calls run, and after this we'll try your method. I just didn't understand why you set the allow-access-from tag to false? it concerns the caller? Will this false value allow the secured domain to accept requests from unsecured ones? Thx once more, PR Martin Baltzer a écrit : Because changing protocol, port or server makes flash thinks its crossing domains :) So you still have a crossdomain issue and need to be aware of possible inSecuredomain issues! 1.Go back and try http to http on different servers! If it works crossdomain issues should be ok 2. If step 1 works then try to switch vack to load from https and see what happens. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:05 Til: Flashcoders mailing list Emne: Re: SV: SV: [Flashcoders] certificate Thanks a lot, Martin! I don't call a swf from antoher, I will have a project on a http:1024 server and will call webservices on another server, on https:8443. The next version will have a Flash Media Server between the 2 others. We've finally found the problem !! it works now but there's still something not very clear. There were 2 problems : the developper by the customer had told me that he had put the crossdomain.xml in the root folder, but he did in the project root folder, not the server one... 2 days to find this out ... argh !! The ohter thing is the strange one : to make it run, my html page holding the calling swf has to be also on a https:8443 server also !! Even if it's antoher server, ohter domain, etc... if I change the port or let it without https, I doesn't work why? PR Martin Baltzer a écrit : Oh yes and it is actually a bit har d to tell you where exactly things may fall apart:) 1. make sure that the crossdomain file responds on both http and https. Makes sure that the secure attribute is set to false allow-access-from domain=domainA secure=false / 2. If you have a swf on http loading in a swf or service on https you must declare System.security.allowInsecureDomain() inside the http swf ewven though its on the same domain (flash does not treat http://domain.com and https://domain.com equally) 3. Did you install your self signed certicate in the browser? If you hit any https page on the server do you get an alert the first time in the session? If so flash don't like that and you need to install the certificate first if possible. Another solution is to hit any https page on the server before launching your flash app because the alert only happens the first time in the session. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 10:11 Til: Flashcoders mailing list Emne: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within
Re: SV: SV: SV: SV: [Flashcoders] certificate
Superb! I thank all of you for your help! Martin Baltzer a écrit : Yes exactly -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:25 Til: Flashcoders mailing list Emne: Re: SV: SV: SV: [Flashcoders] certificate Ok, thank you very much Martin Baltzer We will have first to connect the application to the webservices as ths ws calls run, and after this we'll try your method. I just didn't understand why you set the allow-access-from tag to false? it concerns the caller? Will this false value allow the secured domain to accept requests from unsecured ones? Thx once more, PR Martin Baltzer a écrit : Because changing protocol, port or server makes flash thinks its crossing domains :) So you still have a crossdomain issue and need to be aware of possible inSecuredomain issues! 1.Go back and try http to http on different servers! If it works crossdomain issues should be ok 2. If step 1 works then try to switch vack to load from https and see what happens. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:05 Til: Flashcoders mailing list Emne: Re: SV: SV: [Flashcoders] certificate Thanks a lot, Martin! I don't call a swf from antoher, I will have a project on a http:1024 server and will call webservices on another server, on https:8443. The next version will have a Flash Media Server between the 2 others. We've finally found the problem !! it works now but there's still something not very clear. There were 2 problems : the developper by the customer had told me that he had put the crossdomain.xml in the root folder, but he did in the project root folder, not the server one... 2 days to find this out ... argh !! The ohter thing is the strange one : to make it run, my html page holding the calling swf has to be also on a https:8443 server also !! Even if it's antoher server, ohter domain, etc... if I change the port or let it without https, I doesn't work why? PR Martin Baltzer a écrit : Oh yes and it is actually a bit har d to tell you where exactly things may fall apart:) 1. make sure that the crossdomain file responds on both http and https. Makes sure that the secure attribute is set to false allow-access-from domain=domainA secure=false / 2. If you have a swf on http loading in a swf or service on https you must declare System.security.allowInsecureDomain() inside the http swf ewven though its on the same domain (flash does not treat http://domain.com and https://domain.com equally) 3. Did you install your self signed certicate in the browser? If you hit any https page on the server do you get an alert the first time in the session? If so flash don't like that and you need to install the certificate first if possible. Another solution is to hit any https page on the server before launching your flash app because the alert only happens the first time in the session. /Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 10:11 Til: Flashcoders mailing list Emne: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your
Re: SV: [Flashcoders] certificate
One issue I had with internet exploder was the first time I did an https call instead of hitting the server I was asking it to hit, it went to the windows update site to see if there were any updates due, I still haven't figured out why it did this, and this was looking at the http traffic from the browser with a proxy... I had no issues with firefox. Grant. - Original Message - From: Martin Baltzer [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/12/06 2:07 AM Subject: SV: [Flashcoders] certificate Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: SV: [Flashcoders] certificate
Did you make sure the cross domain file is in the root folder ? Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/12/06 4:37 AM Subject: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: SV: [Flashcoders] certificate
Thanx, Grant The problem is now resolved, I've posted the explaination a little bit earlier... The crossdomain file was not in the real root folder, and there was a port problem. Many thanks for your help PR [EMAIL PROTECTED] a écrit : Did you make sure the cross domain file is in the root folder ? Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/12/06 4:37 AM Subject: Re: SV: [Flashcoders] certificate Thanks a lot for all your answers, Martin, Grant and Campbell, So I got a additional step: I have a domain problem now... the response.setHeader didn't change anything at the beginning, but may help to go further. the proxy, we tried to build one yesterday, but not enough time...so thanks for the link I got my service working on the 8443 port by uploading the swf on the same server where the service is located. Why isn't it possible to reach it from another domain? I put the crossdomain.xml on the server, is there another security rule? PR Martin Baltzer a écrit : Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
SV: [Flashcoders] certificate
Yes flash in Internet Explorer has serious problems with self signed or 3. party ssl certificates. If the certificate is a valid one (by Verisign) there are no issues. The problem is actually that when flash makes the request through IE the browser thinks the https page is already expired when it receives it and therefore it won't return it to flash. This is only an issue in Internet Explorer but it can be fixed if proper cache headers are being set on the serverside. In JAVA/JSP the following extra cache headers solved the problem for me :) response.setHeader(Cache-Control, no-store); response.setHeader(Pragma, no-store); Hope that works Martin -Oprindelig meddelelse- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] Sendt: 11. januar 2006 21:38 Til: flashcoders@chattyfig.figleaf.com Emne: Re: [Flashcoders] certificate I have had some issue's with certificates and flash. I use charles which is an http proxy to intercept the requests between the browser and the server to figure out what the issue was. 1st test is really to create an html page and call your webservice using a form post and make sure the certificates are working within the browser and the webserver BEFORE you try and use the service from flash. There is cheap http proxy thats better than charles but I forget who created it. ah, here is the link http://kevinlangdon.com/serviceCapture/ Grant. - Original Message - From: PR Durand [EMAIL PROTECTED] To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com Sent: 1/11/06 3:08 PM Subject: [Flashcoders] certificate Hi List It seems that I found antoher point to explain my difficulties to obtain a result in connecting my WS. The server has a Double-side certificate. I installed the certificate on firefox, so I can call correctly the https webservice via the browser, on the 8448 port without any problem, but maybe flash can't communicate correctly? I thought that the browser holding the swf was the only concerned by the certificate, as flash isn't seen by the servers, but only the webpage holding it... am I wrong? Can Flash have problems with the certificate? thanks a lot PR ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
