I am running JBoss with SSL, the certificate is generated with openssl:
<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="8443" address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
keystorePass="password" sslProtocol = "TLS" />
My client is an AIR application which interacts with the Java EE Server through GraniteDS. On the Flex/AIR side, I updated the channel to a SecureAMFChannel on services-config.xml:
<channel-definition id="myApp-graniteamf" class="mx.messaging.channels.SecureAMFChannel">
<endpoint uri="https://localhost:8443/myApp/graniteamf/amf"
class="flex.messaging.endpoints.SecureAMFEndpoint" />
</channel-definition>
Now, when I connect from my client, AIR asks me if I want to go ahead with the connection (view certificate, etc.).
I'm new to the whole SSL/HTTPS concept, but I've read some docs. What I'm trying to figure out now, is how to make my App know that a server is safe (localhost in this case). From what I got so far, the client application should "trust the server as a CA", or just trust the certificates from a certain server.
Can you give me some clues as to where to start to implement this on my AIR client side application?