开发者

Problem with https certificate in Flex Mobile Application

When I try to get data in a mobile flex app f开发者_C百科rom a secure site, I get following alert:

A secure connection with this site cannot be verified. Would you still like to proceed? The certificate you are viewing does not match the name of the site you are trying to view.

For each call, I get the popup. If I keep on clicking Yes, the app works fine (but I would like to avoid that ;-)).

Any ideas? Apparently, the url from where the request comes, is not the same as defined in the certificate... But what is the url if called from a mobile app (standalone)? It's neither an error, because you can click on yes. So it's more that the client gives a warning. The annoying thing is that you can't accept it permanently...


This is the same whenever a cert is not correct and chrome or firefox alerts you and asks if you want to proceed. You cant accept a faulty cert on the behalf of your users. The easiest way to fix this is to tell the site owner to get a proper cert.


Check with your system administrators of website whether certificate installed is issued for your domain. It appears that certificate is issued for a domain https:///xxxx where as it is installed on https://yyyy

Bypassing is OK for testing , it seems finally you will have to get this corrected


In my experience this only comes up with self-signed certs, expired certs, and when you are calling the cert by a URL that is not identified in the cert.

With most certs they are associated with a single host/domain combination, i.e. https://www.domain.com

That means that they cannot be used with any other domain host combination. Not even http://domain.com or https://sub.domain.com.

There are certs that will support different hosts on the same domain (www.domain.com, sub.domain.com, etc). They are called wildcard cert. They are very expensive compared to normal single domain certs.

My guess is that in the browser you are calling www.domain.com but in your AIR app you are calling domain.com or calling some other host. That or you have permanently accepted the improper cert in the browser.

I have never have a problem with anything improperly identifying a valid cert. Not a browser, Flex app, AIR application. Ever.

If you view the cert in the browser you should be able to see what domain/host it is registered to. Make sure you are using exactly that. Any variation will cause the error.


As a temporarily solution I added some exceptions to the URL Rewrite Module, so that communication by Mobile App can be done with HTTP. But it's no longer secure, so I would rather use HTTPS.


I have also faces this issue and simple solution is fixed the certificate issue. If not possible then forget about using the HTTPS use HTTP only. So you never get any complain about any certificate issue.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜