Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Import WebServices over SSL with Flex Builder 3

Posted on 2009-07-09
1
Medium Priority
?
1,733 Views
Last Modified: 2013-12-02
Hi everyone.

Before to start, here's my configuration :

Flex Builder 3
JBoss 4.2.2.GA for the server part (meaning TomCat running under)

I access the server trough http://localhost:8081, https://localhost:8443

I'm facing quite a strange problem and couldn't find any thread on the flex subject.
I got an application written in Java and wrote some more code to have some Web Services. The client is written in AS3 with Flex Builder.
When I import the services and create the client classes (with the Flex Builder Wiazrd/ Import Web Service) over HTTP I got no problems. But when I try to carry one of the WS over SSL, Flex Builder tells me "Unable to load the WSDL. Specify another URI".
The thing that's is disturbing is that I set up the connector :

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false"
                     keystoreFile="${jboss.server.home.dir}/ssl/kc.keystore"
                     keystorePass="changeit" sslProtocol="TLS" />

I told the server to secure the WS into the web.xml file

<security-constraint>
    <web-resource-collection>
      <web-resource-name>All resources</web-resource-name>
      <url-pattern>/UserAuthenticationWS</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

I set up a crossdomain.xml file into the ROOT.war folder of JBoss

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
      <allow-access-from domain="*" to-ports="*" secure="false"/>
</cross-domain-policy>


And I also set up the keystore for the  server and even export/import the cert to the jdk that's currently running my FlexBuilder but I still have the same problem.
I checked the Flex Builder logs and found this error :

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

.. which is quite a common error as I read many thread on it but always with different configurations. I can access the service with a browser and even succeed to import a secured WS of Amazon with no problems.

I don't know if some of you faced this problem already and how you you fixed it. Hope you'll give me tips rapidly.

-I'm not well aware about the crossdomain.xml file since I'm not really sure that the wizard for web services is asking for it .... but anyway
-I set up only "localhost" for the certificate as I got couple of problems by specifying another fancy name :)
-I'm lost ... need help !

Thanks for your help
0
Comment
Question by:KCTeam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
KCTeam earned 0 total points
ID: 24822579
Hey girls, hey guys ...

I finally ended up to find the solution.

Here's the problem summarized :

In SSL, especially with self signed certificate, you must explicitely add the certificate on the client side:

-Firefox complains and asks your permission to accept the certificate
-IE complains too ..
- A java application could complain too (http://www.astorm.ch/blog/index.php?post/2008/07/23/WebService-et-HTTPS)

When importng a WS with Flex Builder, the client is actually ... FB.
So I added the certificate under the cacerts of the JDK, since FB is running on it but it didn't work ...

Here's why: FB has his own cacerts file, the location where it keeps track of every certificates. Once the certificate has been added on this repo, Flex Builder doesn't complain anymore and generate the appropriate classes :)

Hope this might help


0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
There are numerous questions about how to setup an IBM HTTP Server to be administered from WebSphere Application Server administrative console. I do hope this article will wrap things up and become a reference for this task. You need three things…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question