I've got a Flex app which provides a front-end for doing basic CRUD db operations. The app is served up from a Tomcat/Blaze server using 2-way authentication and uses
Java objects to do the server-side db work. Serving the app works fine. The problem arises when the data components in the app try to call back to the server to pull data from the db. The HttpService template needs to be
https://... but the call cannot complete because Flex does not provide a certificate to the server as the browser does.
Using
http://... works fine but then the db data is sent in the clear (which is very bad).
What is the standard way to solve this problem? Is there a way to get Flex to use the same cert that the browser provided?
Thanks for any assistance!
[ RHEL5, Apache
Tomcat 5.5.23, JDK 1.5, IE/Firefox browsers]