air HTML HTMLLoader load https ssl with untrusted or unknown certificate, click 'yes' does nothing

Report · Jun 25, 2010

When i go to a https website with an untrusted certificate i get this warning.

when i click "yes" the HTML component does not go anywhere. just a blank white screen.

tried this out with adobe air 1.5 and 2.0

Report · Aug 23, 2010

Moved thread to the Problems & Bugs forum.

Report · Aug 24, 2010

Hi,

Thank you for reporting this. This issue happens only Windows Vista and Windows 7, on Windows XP this is working as expected. I have reported this issue on our internal bug tracker (2699857) and sent it to be investigated.

In the meanwhile, one workaround that you could use is to install the untrusted or unknown certificate in your Trusted Root Certificate Authorities. You can install the certificate from Internet Explorer while accessing the same resource.

Best Regards,

-Catalin

Report · Dec 09, 2010

Hi,

this workaround doesn't work in my application.

Is bug still open or has anyone fixed this problem?

Is it possible to extend class responsible for dispatching that particular exception that manages validity of certificate?

I was checking how SecureSocket class works but I still can't find a solution . Any advices?

Thanks in advance

Gianni

Report · Dec 09, 2010

Hi Gianni,

This bug is still open, but as far as we knew the workaround was still viable. You might be running into another problem if it's not working for you. Is it possible to post or send us some sample code that would illustrate the problem you're seeing? Please feel free to email me at ccampbel@adobe.com if this is something you'd rather not make public.

Thanks,

Chris

Report · Dec 10, 2010

Sorry,

probably I'm wrong,

could you tell me how to install untrusted certificate in my Trusted Root Certificate Authorities?

Yesterday I found certificate under "not trusted authors" heading..Could you illustrate step by step procedure?

Sorry but I'm a beginner,

thanks in advance

Gianni

Report · Dec 13, 2010

Hi Gianni,

I'm not an expert on this, but I found this discussion that described a few approaches users took to accomplish this on Windows. Hopefully this helps.

What do I need to do to get IE8 to accept a self signed certificate?

Chris

Report · Jan 24, 2011

Ok thanks for helpfulness.

But just another question...

Is it possible to know something about state of Internal Bug #2331039 which deal with this problem?Is there a website that I look up?

Thanks

Gianni

Report · Jan 24, 2011

Hi Gianni,

From our investigation, we've determined that this is a bug in the OS network stack. Microsoft does have a workaround which you can find here:

http://support.microsoft.com/?id=330338

Please let me know if you run into any troubles.

Thanks,

Chris

Report · Jan 25, 2011

Thanks,

workaround works.

Now a warning message appears when I try to open url with https. Then, clicking "yes" I get that particular resource.

This "warning message" appears every time I initialize the application. So when I close Air application and, then, i launch it again that message appears.

Is it possible to avoid these problems?

Gianni

Report · Feb 28, 2011

Chris, that particular hotfix you from Microsoft you linked to looks to be for IE 6. I have Windows 7 running IE8. Anyway, more progress or status updates from Adobe's side on this? Or is this issue completely up to Microsoft to fix?

Rob

Report · May 12, 2011

Hi,

I have the same problem on win 7 with my AIR project that worked fine with HTTP (HTTPService) and that has a chaotic behaviour with HTTPS, i.e. for each request the user need to clic 2 times on yes. The first time for accept the fact that the certificate is not validated by an offcial authority and the second time because the name in the certificate is not corresponding with the name of the server....

Do these two actions for each request makes the application unusable ! I already tried to add my certificate to CA Root on my machine but it didn't resolve anything. Is there a solution to disable these warning from my air application ? Can I continue to use HTTPService for my communication ? Need I use low level classes as SecureSocket ?

Thanks !

Julien

Message was edited by: JulienBu Additionnal info : I tried to establish a socket connection on my server with SecureSocket class and I didn't find a way to bypass the blocking IOError #2031:Socket Error with the serverCertificateStatus = "principalMismatch". If I good understand, the socket do not want to connect to my server because it has not the good name and there is no way to accept to continue... That's it ?

Report · May 12, 2011

Hi Julien,

Thanks for bumping this thread. The quick update is that the original bug (#2699857) is still open but I unfortunately don't have a timeframe for a fix. If you wouldn't mind, could you open a new bug at bugbase.adobe.com? Please reference this thread and post back with your bug URL. We'll link the internal bug to yours. I'd also recommend others following along to vote for the public bug and add comments if possible.

Thanks,
Chris

Report · Jun 22, 2011

has a bug been opened for this yet so we can vote on it and get it rolling?

Report · Jun 22, 2011

Not that I know of, please feel free to set one up.

Thanks,

Chris

Report · Jun 23, 2011

Chris, I submitted issue # 2904361 to cover this issue.

Report · Jun 23, 2011

Thank you. For anyone effected by this bug, I'd encourage you to vote for it at: https://bugbase.adobe.com/index.cfm?event=bug&id=2904361 and leave a note about how it impacts you.

Thanks,
Chris