Because changing protocol, port or server makes flash thinks its crossing domains :)
So you still have a crossdomain issue and need to be aware of possible inSecuredomain issues! 1.Go back and try http to http on different servers! If it works crossdomain issues should be ok 2. If step 1 works then try to switch vack to load from https and see what happens. /Martin -----Oprindelig meddelelse----- Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand Sendt: 12. januar 2006 14:05 Til: Flashcoders mailing list Emne: Re: SV: SV: [Flashcoders] certificate Thanks a lot, Martin! I don't call a swf from antoher, I will have a project on a http:1024 server and will call webservices on another server, on https:8443. The next version will have a Flash Media Server between the 2 others. We've finally found the problem !! it works now but there's still something not very clear. There were 2 problems : the developper by the customer had told me that he had put the crossdomain.xml in the root folder, but he did in the project root folder, not the server one... 2 days to find this out ... argh !! The ohter thing is the strange one : to make it run, my html page holding the calling swf has to be also on a https:8443 server also !! Even if it's antoher server, ohter domain, etc... if I change the port or let it without https, I doesn't work.... why? PR Martin Baltzer a écrit : >Oh yes and it is actually a bit har d to tell you where exactly things may >fall apart:) > >1. make sure that the crossdomain file responds on both http and https. Makes >sure that the secure attribute is set to false ><allow-access-from domain="domainA" secure="false" /> > >2. If you have a swf on http loading in a swf or service on https you must >declare System.security.allowInsecureDomain() inside the http swf ewven though >its on the same domain (flash does not treat http://domain.com and >https://domain.com equally) > >3. Did you install your self signed certicate in the browser? If you hit any >https page on the server do you get an alert the first time in the session? If >so flash don't like that and you need to install the certificate first if >possible. Another solution is to hit any https page on the server before >launching your flash app because the alert only happens the first time in the >session. > >/Martin > >-----Oprindelig meddelelse----- >Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af PR Durand >Sendt: 12. januar 2006 10:11 >Til: Flashcoders mailing list >Emne: Re: SV: [Flashcoders] certificate > >Thanks a lot for all your answers, Martin, Grant and Campbell, >So I got a additional step: I have a domain problem now... >the response.setHeader didn't change anything at the beginning, but may >help to go further. the proxy, we tried to build one yesterday, but not >enough time...so thanks for the link >I got my service working on the 8443 port by uploading the swf on the >same server where the service is located. >Why isn't it possible to reach it from another domain? I put the >crossdomain.xml on the server, is there another security rule? > >PR > > > >Martin Baltzer a écrit : > > > >>Yes flash in Internet Explorer has serious problems with self signed or 3. >>party ssl certificates. If the certificate is a valid one (by Verisign) there >>are no issues. >> >>The problem is actually that when flash makes the request through IE the >>browser thinks the https page is already expired when it receives it and >>therefore it won't return it to flash. >> >>This is only an issue in Internet Explorer but it can be fixed if proper >>cache headers are being set on the serverside. >> >>In JAVA/JSP the following extra cache headers solved the problem for me :) >> >>response.setHeader("Cache-Control", "no-store"); >>response.setHeader("Pragma", "no-store"); >> >> >>Hope that works >>Martin >> >> >>-----Oprindelig meddelelse----- >>Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne af [EMAIL PROTECTED] >>Sendt: 11. januar 2006 21:38 >>Til: flashcoders@chattyfig.figleaf.com >>Emne: Re: [Flashcoders] certificate >> >>I have had some issue's with certificates and flash. >> >>I use charles which is an http proxy to intercept the requests between the >>browser and the server to figure out what the issue was. 1st test is really >>to create an html page and call your webservice using a form post and make >>sure the certificates are working within the browser and the webserver BEFORE >>you try and use the service from flash. >> >>There is cheap http proxy thats better than charles but I forget who created >>it. >> >>ah, here is the link http://kevinlangdon.com/serviceCapture/ >> >>Grant. >> >>----- Original Message ----- >>From: PR Durand [EMAIL PROTECTED] >>To: Flashcoders mailing list flashcoders@chattyfig.figleaf.com >>Sent: 1/11/06 3:08 PM >>Subject: [Flashcoders] certificate >> >> >> >> >> >>>Hi List >>>It seems that I found antoher point to explain my difficulties to obtain >>>a result in connecting my WS. >>>The server has a Double-side certificate. I installed the certificate on >>>firefox, so I can call correctly the https webservice via the browser, >>>on the 8448 port without any problem, >>>but maybe flash can't communicate correctly? >>>I thought that the browser holding the swf was the only concerned by the >>>certificate, as flash isn't seen by the servers, but only the webpage >>>holding it... am I wrong? Can Flash have problems with the certificate? >>>thanks a lot >>>PR >>> >>>_______________________________________________ >>>Flashcoders mailing list >>>Flashcoders@chattyfig.figleaf.com >>>http://chattyfig.figleaf.com/mailman/listinfo/flashcoders >>> >>> >>> >>> >>_______________________________________________ >>Flashcoders mailing list >>Flashcoders@chattyfig.figleaf.com >>http://chattyfig.figleaf.com/mailman/listinfo/flashcoders >>_______________________________________________ >>Flashcoders mailing list >>Flashcoders@chattyfig.figleaf.com >>http://chattyfig.figleaf.com/mailman/listinfo/flashcoders >> >> >> >> >> >> > >_______________________________________________ >Flashcoders mailing list >Flashcoders@chattyfig.figleaf.com >http://chattyfig.figleaf.com/mailman/listinfo/flashcoders >_______________________________________________ >Flashcoders mailing list >Flashcoders@chattyfig.figleaf.com >http://chattyfig.figleaf.com/mailman/listinfo/flashcoders > > > > _______________________________________________ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _______________________________________________ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders