How to access Flash Apps over https with a self signed certificate?
I have a Flex app that needs to access data from a SOAP web service over https with a self signed certificate. The app needs to ignore the https warnings, just as a browser would warn & allow the user to proceed. Buying a valid signed certificate is not an option for us.
It works fine over http.
How can I achieve this?
I read that URLRequest has a property: authenticate, that I can set to false. However, this property is available only for Adobe AIR applications from what I can see. This doesn't seem available for Flex apps.
I have tried this in both Flex 3 & the latest Flash Builder 4. Have the same issue in both cases.
Help appreciated.
Thanks
You'd really need to ask in the Flex or Flash Builder forums as this is a front end code modification and Flash Player can't do any of that.
Similar Messages
-
Mail.app with a self-signed certificate in postfix/dovecot
I thought I'd post this tidbit about getting Mail.app to work correctly with a self-signed certificate in a postfix/dovecot Linux installation; in my case under Debian Lenny. After setting this up, my Mail.app refused to connect to the outgoing server to deliver mail. In the postfix logs, I would see "SSL_accept error from ...: -1". The problem ended up being that postfix uses the default "snakeoil" self-signed certificate, while dovecot creates its own. If the IMAP and SMTP hosts are the same as they were in my case, when you accept the dovecot certificate upon the first IMAP connection, the SMTP connection with a different certificate will fail. This is because after the accept there is now a known certificate for that host, and the new certificate presented by postfix will not match. To fix this, either use different hosts for IMAP and SMTP, or use the same (perhaps the "snakeoil") certificate in both the postfix and dovecot configuration.
Exactly the same problem, except I'm using FF v6 for Windows, not FF v4 as for the lead post. This is for a self-cert which IS trusted, although the error message says it isn't.
-
Problem with placing self-signed certificate in trust store on WLS 10.3
I have had some problems setting up two-way SSL on WLS 10.3.2.
1. I have not been able to use the java properties listed on
http://weblogic-wonders.com/weblogic/2010/11/09/enforce-weblogic-to-use-sun-ssl-implementation-rather-than-certicom/
to use the native Java SSL implementation rather than the certicom. Has anyone else had success using these?
-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
-Dssl.SocketFactory.provider=com.sun.net.ssl.internal.SSLSocketFactoryImpl
-DUseSunHttpHandler=true
-Dweblogic.wsee.client.ssl.usejdk=true (for webservice clients)
2. When I use the ValidateCertChain to validate my keystore with the self-signed certificate I get the message
CA cert not marked with critical BasicConstraint indicating it is a CA
Certificate chain is invalid
which I read was a problem with certificates generated by keytool, yet I find I was not able to circumvent this
by setting the property weblogic.security.SSL.enforceConstraints to off in the WLS server environment.
Has anyone else noticed this?
3. The error I get is
####<Feb 15, 2011 1:12:21 PM EST> <Debug> <SecuritySSL> <hostname> <server
<[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1297793541204> <BEA-000000> <Exception during hands
hake, stack trace follows
java.lang.NullPointerException
at com.certicom.security.cert.internal.x509.X509V3CertImpl.checkValidity(Unknown Source)
at com.certicom.security.cert.internal.x509.X509V3CertImpl.checkValidity(Unknown Source)
at com.certicom.tls.interfaceimpl.CertificateSupport.findInTrusted_Validity(Unknown Source)
####<Feb 15, 2011 1:12:21 PM EST> <Debug> <SecuritySSL> <hostname> <server> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tunin
g)'> <<WLS Kernel>> <> <> <1297793541207> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 40
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
Are there other conditions besides the issue about the missing Basic Constraint field that can raise an
alert with type 40?
4. Steps I used to generate jks keystore for inclusion in trust keystore (actual values substituted):
** keytool -genkey -alias mykey -keystore mykeystore -validity 35600 \
-dname "cn=Common Name, ou=Common Name, o=Org, l=location, s=state, c=US" \
-storepass mypass -keypass mypass
** exported a DER format head certificate of mykey into mykey.cer.der
** keytool -import -trustcacerts -keystore DemoTrust.jks -alias mykey -file mykey.cer.der
Any comments appreciated and thanks for this forum.Faisal,
Certicom has an internal restriction that a Date must be notBefore 1970 and notAfter 2105 inclusive.The Java-generated key is valid until Wed Mar 14 11:03:59 EDT 2108. Your knowledge of this area is
quite impressive, thank you so much for this! -
How pass client credentials to ws client and accept self signed certificate
How do you connect to a web service over ssl and accept self-signed certificates. I generated the client using JAX-WS but i ran into two problems. First of all, how do you pass the client credentials? And second, how can you accept a self-signed certificate?
Thanks for your comments Jason.
I'm not quite sure why the certificate has client auth. It does seem to be a misconfiguration, but I do see both 7.3.1 & 7.3.2 on the cert. That seems like a possible fix, but in a backwards way. I can get those certificates reissued, but I'm confused
as to why config manager itself is not installing per the site settings.
My default install is via a vbs script you wrote (1.6.5). The other methods I've tried in this particular instance are by browsing to the server and running ccmsetup.exe from explorer out of my sms_<site> directory, and by using command line
specifying the /mp:mp.mysite.com
I looked for command line switches to use, but there's no /NoUsePKI switch or /UseSelfSigned...
any suggestions for a better installation method? -
Avoid an alert with using self-signed certificate
Hi
I want to publish a free product and I would like to use a free self-signed certificate
But during installing, the Adobe Exstension Manager shows an alert
Where is a way how to avoid this alert with using a self-signed certificate (I generated certificate with help of Adobe Exchange Packager) or I should only use a paid code-signed certificate?
Best regards
MaximAs I understund, "Show warning when instaling..." this option available only for end user in Exstantion manager, right? It means there is no way how to switch off this warning if I use ucf.jar tool for packing ZPX and an user uses default setting on this end. When, only one way is left - to buy a payed certificate, even for free product. Correct?
-
Some clients migrated from 2007 is presented with the self signed certificate in 2013
I have migrated from 2007 to 2013. I did a couple of test migrations and on the ones with domain member computers Outlook is giving a certificate warning. The certificate they are presented with is the default self signed certificate on the 2013 server.
Even though I have added a trusted public certificate to Exchange and checked of to use With IIS.
I see that the default certificate is also checked of to use With IIS and it cant be removed in ECS. Shouldnt this be removed from IIS all together when adding a New certificate? And why does some Clients gets presented With the self signed and some With
the Public? For instance owa is presented With the Public cert. Also and Outlook I tested from outside the domain.
RegardsOnly the UCC certificate should be bound to IIS.
Are any clients using POP or IMAP, which also use SMTP? In this case clients can be presented with the "wrong" certificate as well.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
Does Firefox Home work with custom servers with a self signed certificate?
I've setup my own custom Firefox Sync server which has a self signed SSL certificate.
When I try to connect to it using Firefox Home I get the error:
Cannot Sync - Failed To Communicate With Server (1)
Firefox on my Mac and Windows laptop Sync fine with my custom firefox sync server providing I create an exception first. But no such luck with my iPhone.Access your server with ssl using https://<servername> . Firefox will warn you about untrusted certificate, and suggest you to add an exception. This exception will work for firefox sync too.
-
With the new Firefox 10.0 cannot connect to my office https portal (with a self-signed certificate)
The connexion is not possible from any computer (tested on different Windows Platform) . Firefox try to connect without apparent error. Same problem with firefox 10.0.1 . No problem with Firefox 9 (or previous version).
But I've used the debugger Fiddler Tool, I get this warning:
Session #4: The remote server (###.###.###.###) presented a certificate that did not validate, due to RemoteCertificateNameMismatch, RemoteCertificateChainErrors.
SUBJECT: CN=F1000C000920300401, OU=F1000-C, O=NETASQ - Secure Internet Connectivity, L=Villeneuve d'Ascq, S=Nord, C=FR
ISSUER: OU=NETASQ Firewall Certification Authority, O=NETASQ - Secure Internet Connectivity, L=Villeneuve d'Ascq, S=Nord, C=FR
EXPIRES: 29/10/2013 12:41:15
If I acknowledge theses warnings, it seems the connexion is possible.
Any ideas?I'm searching the reason o f this problem. And I'v read that Firefox could have stop to support MD5-Based Certificate. And the algorithm is in this case.
May be is this the explanation? -
In Firefox 4.0 I have a server ... it contains a self signed certificate. Using IPv6 I can not add a "Security Exception" for this certificate.
1. I log onto the server (using IPv6). I get the "Untrusted connection page" saying "This connection is Untrusted"
2. I click on "Add Exception.." under the "I understand the Risks" section.
3. The "Add Security Exception" dialog comes up. soon after the dialog comes up I get an additional "Alert" dialog saying
An exception occured during connection to xxxxxxxxx.
Peer's certificate issuer has been marked as not trusted by the User.
(Error code sec_error_untrusted_issuer).
Please note that this works in Firefox 3.6.16 (in IPv4 and IPv6). It also works in Firefox 4.0 in IPv4 only IPv6 has an issue. What's wrong?Exactly the same problem, except I'm using FF v6 for Windows, not FF v4 as for the lead post. This is for a self-cert which IS trusted, although the error message says it isn't.
-
How to register iOS device when using self signed certificate with apple Server?
Hi,
I have installed the server.app by Apple and used a slef signed certificate for my server. Now I want to register my different devices (iMac, iPhone etc.). I could register the iMac without problesm (I just had to add my self signed certificate to the trusted certificates)
Sadly, with the iPhone it is not that easy. I can install the "trust profile", but still after that I can not register my device. It seems like it does not accept my self signed certificate for device registration. When adding a registration profile, I get the error "www._mydomain_.tld/devicemanagement/api/device/auto_join_ota_service" is not valid.
Nethertheless, I can install a profile with setting, e.g. my imap settings, via the profile management without problems.
Does anyone have an idea how to get around the problem with the self signed certificate?
Best regardsTry deleting the Server.app and download it again from the App Store, restart.
My Server is also using self signed certificates and is working with iOS device (Trust Profile needed first). -
How-to install a self-signed certificate on Sony Ericcson W350
I am a developer and I am writing a j2me application for a Sony Ericcson W350 phone which needs to be able to use the phones SMS capabilities. I have a signed .jar and .jad file with a self-signed certificate. However, the phone is still treating my application as an untrusted third party app. I think this is occuring because my self-signed certificate isn't in the java certificate store on the phone. Is there a way to load my self-signed certificate into the java certificate store? I have tried copying it over to the phone via bluetooth and usb and installing it through the filesystem, however there isn't an option to install the certificate when browsing to it from the phone's filesystem. Any help would be much appricated.
Deactivating existing Java certificates prevented me from installing the .jad file. I accessed the phone's file system using both Sony PC Companion with USB and using the OS file browser over bluetooth.
-
Export extension to ZXP with self-signed certificate
Hello,
I am having this issue with Extension Manager not allowing the install of an extension exported from Extension Builder with a self-signed certificate. It always says that the signature is invalid, even with the sample projects exported packages. I am on Mac OS Snow Leopard. Anyone else experiencing this ?
Regards.Hello,
I am having this issue with Extension Manager not allowing the install of an extension exported from Extension Builder with a self-signed certificate. It always says that the signature is invalid, even with the sample projects exported packages. I am on Mac OS Snow Leopard. Anyone else experiencing this ?
Regards. -
How to access Oracle Apps 11i forms using Vmware Player?
Hi,
I have installed Oracle Apps 11i on native OS OEL5 Server and guest OS Windows XPP using Vmware Player.Now how to access Oracle Apps 11i forms from Windows XPP using Vmware on my OEL5 Server Desktop?
Thank's
Regard's
RerryHi,
If you mean how to access eBusiness Suite from within the Virtual Machine, then you just navigate to the same URL you normally would. You may need to put the machine alias in your hosts file if you are referencing it via machine name rather than IP address.
If you mean that you want to load the form in forms builder (for example) then you need to FTP the form from server to client (as you normally would) and then open it in your client (XP virtual machine).
If you want to use Workflow Builder (as per your original requirement) then you need to ensure that the TNSNAMES.ora file in the Workflow Builder home has an entry for your instance on Linux, and then you should be able to connect to the database directly.
HTH,
Matt
WorkflowFAQ.com - the ONLY independent resource for Oracle Workflow development
Alpha review chapters from my book "Developing With Oracle Workflow" are available via my website http://www.workflowfaq.com
Have you read the blog at http://www.workflowfaq.com/blog ?
WorkflowFAQ support forum: http://forum.workflowfaq.com -
How to renew your self-signed certificate p12 with Flash Builder
I have been using a self-signed certificate (generated using Adobe Flash Builder 4.7) for my Android app. The app is live on Google Play market but the certificate is going to expire soon, and I know if I create new certificate and update my app, existing Android users will not be able to auto-update the app (as the App's Signature has been changed). I would like to know how can we re-new the self-signed Certificate .p12 with Flash Builder?
Thank you very much.After doing my research about the self-signed certificate created by Adobe Flash Builder , I realized that was my mistake to think that the certificate would expire soon. I doubled check the expiration date of my self-signed certificate and the date was set to 35 years after I generated it using flash builder 4.7 (which is very safe).
For anyone who wants to check the self-signed .p12 expiration date you follow the instruction from this link:
http://bsdsupport.org/how-do-i-determine-the-expiration-date-of-a-p12-certificate/
Hope it helps -
HT4847 how do access my apps in icloud?
how do access my apps in icloud?
If you mean on your iPad, go to the App Store on the iPad, select Purchased at the bottom to see Apps you have already purchased.
You can filter the list to things not currently installed with the "Not on This iPad" tab at the top.
You can then see purchased Apps you can download from the Cloud.
Dowload by clicking on the "Cloud Download" button.
ivan
Maybe you are looking for
-
Line item Display for G/L Account Regarding report RFSEPA01
In transactions reports: FBL3N and FS10N I have differents accounts balances display. I already had tried to execute the RFSEPA01 but it shows RUNTIME ERROR ..Somebody knows a program to equal these . please treat this as a urgent..
-
How do I set up multiple computers to use time machine on time capsule
I have tried to set my other macs on time capsule using time machine as the backup device. All I get is the error message "there is a problem connecting ot the server.... Check the server name and ip address. This is supposed to be easy, so how do I
-
I've asked a similar question to this on an Office Community Forum but nobody knows the answer. So I was hoping that an IT professional responsible for installing and deploying Office 2013 might know. If you download an installation disk image (ISO/
-
Incorrect payload in receiver adapter
Hi everybody! We came across following situation. We have a PI scenario IDOC->File. We have one ERP as a Sender and a couple of Receiver FTP systems. There are 3 inbound interfaces for each Receiver system with different message types and mappings fo
-
How do I see the number of albums that I have import to my Itunes?
How do I see the number of albums that I have import to my Itunes? In the earlier version of Itunes I could see the number of albums, categories etc. that I have in my Itunes. How do I see the same info in Itunes 7.1.1? Best Kudsk