Connecting from local http server to the BA Server on https

04-28-2011 01:05 PM
New Contributor II

My app is deployed in the local tomcat server and connects to a BA Server on remote box.  It worked fine when the protocol was http.  After installing the SSL cert in the IIS7 server, the app fails with an error message when accessing from the flex api.  Accessing the rest services directly from the browser works fine.  I also have the crossdomain.xml file accessible by

SecurityError: Error #2048: Security sandbox violation:

Http Request
4/28/2011 17:04:11.312 [INFO] mx.messaging.Producer '165115DB-C3C8-FFDB-703A-9DED16300E95' producer set destination to 'DefaultHTTP'.
4/28/2011 17:04:11.328 [INFO] mx.messaging.Producer '417EA358-2D7A-40D4-AEEC-9DED1640138E' producer set destination to 'DefaultHTTP'.
4/28/2011 17:04:11.359 [INFO] mx.messaging.Producer '165115DB-C3C8-FFDB-703A-9DED16300E95' producer connected.
4/28/2011 17:04:11.359 [INFO] mx.messaging.Producer '165115DB-C3C8-FFDB-703A-9DED16300E95' producer sending message '13628587-96FE-471B-581B-9DED165FDFE5'
4/28/2011 17:04:11.390 [DEBUG] mx.messaging.Channel 'direct_http_channel' channel sending message:
  body = (Object)#1
  clientId = (null)
  contentType = "application/x-www-form-urlencoded"
  destination = "DefaultHTTP"
  headers = (Object)#2
  httpHeaders = (Object)#3
  messageId = "13628587-96FE-471B-581B-9DED165FDFE5"
  method = "GET"
  recordHeaders = false
  timestamp = 0
  timeToLive = 0
  url = ""

How come the destination is going as DefaultHTTP and not https?  After installing the cert in IIS 7 on which BA Server is installed do i have to make any specific changes on the BA Server end to get this working?
0 Kudos
2 Replies
New Contributor II
I am sorry i guess this is got nothing to do with BA Server but the crossdomain.xml.  Still searching what the solution is.
0 Kudos
New Contributor II
Using this crossdomain.xml fixes this issue.  I am using this only for development and not for production environment so i am good.

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
   <allow-access-from domain="*" secure="false"/>
0 Kudos