I've had quite a bit of success implementing the Socket class in AS3, particularly with making HTTP requests to retrieve binary (images) or ascii (JSON) data. However, I need to be able to be flexible between HTTP and HTTPS - so given the current state of AS3's Socket class, this becomes a problem.
My question isn't necessarily limited to AS3, but maybe there's some insight in core lib that I'm not aware of. Obviously changing the port and protocol of a HTTP request to 443
and ssl://
is not sufficient - Apache (for example) will respond saying that you are a moron (sic) and it isn't going to serve you anything over an SSL connection.
So I referenced Bruce Wang's secure sockets in Flex blog post and attempted to implement some of those methods, particularly using Hurlant's crypto
classes, but even after the initial socket.sendBytes(rsaEncryptedPublicKey)
call, Apache returns an empty response body (including no response headers).
I'm admittedly not an SSL expert, but is it feasible within AS3, and if so, what would differ in writing to/reading from the socket versus a standard connection over HTTP? Particularly, how would you go about encoding/decoding information sent and received? Any thoughts would be appreciated.
Bruce appears to have made up his own protocol that isn't proper SSL/TLS.
as3crypto appears to have a TLSSocket class for doing what you want (see this testHost function for usage example with HTTPS).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With