8

In my project I need to connect to an intra-net web service but we need SSL connection between the two machines. Because this is an intra-net site the certificate of the web service might be a self-signed certificate. The web service and the web page that loads my Flex application resides on the same web server (tomcat) so when I load the web page of the application with HTTPS I been asked to confirm the certificate, I confirm it but this confirmation does not apply on the Flex application (on Internet Explorer and Firefox). I tried Google's Chrome and it actually asked me twice for confirmation, one for the web page and one for the connection to the web service so it worked great.

Is there a way to tell Flash player to accept also self-signed certificates of is it entirely concern the browser and Adobe guys can't do nothing about it? In other words, is there a way to connect to a self-signed certificates HTTPS web services from Adobe Flex???

Thanks.

4

4 回答 4

2

When I put on my security hat the answer would be I hope not. I don't want browser plugins to bypass my browser security settings. I'd consider that a vulnerability.

There might be a way for standalone Air applications, but in browser Flash should honor browser settings.

于 2008-10-12T09:49:16.983 回答
1

In your company, you could create your own root CA, add its certificate to all machines that will access the intranet, and then have the CA issue your web service a certificate. The certificate will no longer be self-signed. The two main issues are: (1) managing the private key of your CA, (2) distributing the CA's root certificate to client PCs.

于 2008-10-12T09:56:43.503 回答
1

您需要下载证书并将其安装在 IE 和 Firefox 上。

在 IE 上安装证书:

http://www.markwilson.co.uk/blog/2008/11/trusting-a-self-signed-certificate-in-windows.htm

要在 FF 上安装证书:

转到工具-> 选项,然后单击加密选项卡。单击“查看证书”,然后单击“导入”。

根据我的经验,证书必须经过验证或安装在浏览器中才能使 Flash 正常工作。证书还需要有一个有效的主机名,但如果您需要这样做以进行测试,您只需编辑客户端的主机文件即可。

于 2008-12-19T16:43:30.187 回答
1

好吧,flash 播放器应该只使用浏览器来建立连接并完成它。我们这里有类似的设置。我们使用自制证书,并通过 HTTPS 与 AMF 通道通信。我的猜测是,虽然我们的设置不同,因为我们通过 HTTPS 通道加载 Flash 应用程序本身,所以它是从 HTTPS 到同一个 HTTPS 服务器的。也许你可以试试?这是我们的 Tomcat 服务器的设置:

Tomcat 服务器/客户端自签名 SSL 证书

于 2010-01-20T15:43:48.493 回答