I apologise in advance for this slightly unstructured post but this topic has been in the back of my mind for a while, so before I completely forget the details I btter write it down.

I've recently had to port one of my Flex applications, a simple CRUD admin console hitting a MySQL database via CF9, to use a Remoting connection over SSL. I recalled hat in the past this setup had given me some headaches: 'normal' CF Remoting from Flex over HTTP was pretty simple to get going, but switching to HTTPS had not been as simple. Therefore here is a quick checklist (and note: it may be incomplete) if you have the same task at hand.

1) Make sure your Flex project contains a services-config.xml to compile against. Consule the Flex docs for more details on this, but I usually stickl the services-config file into my project's /src folder for easy access and simple path structure.

2) Go to your Flex project's properties > Flex Compiler and under 'additional compiler arguments' add

view plain
1-services "services-config.xml"

3) Make sure the services-config file has a channel-definiton which contains class="mx.messaging.channels.SecureAMFChannel"
You will use this as your SSL channel. The endpoint should be configured to point to your remote CF server and gateway (at least that's what I do as I develop against a remote server), for example:

A good way to test if the gateway is working (at least at the surface) is to hit it with a browser. You should see a blank page. Anything else spells trouble and will mean your remoting calls will not work.

4) Your services-config file likely already contains a destination with the id ColdFusionSSL. Make sure that its channel ref value 'points' to the id of the channel-definition you just created or modified.

As far as the Flex side goes that's pretty much it, you are good to go (but before you run off and try this, there is one more important tip further down). Just remember to use that new destination when you set up your RemoteObject:

view plain
1var ro:RemoteObject = new RemoteObject();
2ro.destination = "ColdFusionSSL";

At this point I wondered why my application was throwing remoting related errors. Quick tip: if you are still using Flex 3 (maybe Flex 4 has an equivalent) then add the folloiwng tag anywhere to your main application file:

view plain
This will result in some remoting related traces that may give clues to potenbtial errors. Also remember to use the Network Monitor in Flex, it's pretty neat for debugging remoting calls.

Ok, I promised one more caveat and this one had be stuck for a while. I was not aware that ColdFusion (the server itself) also needs to be told about the new destination you created. My CF server has the necessary files stored under C:\ColdFusion9\wwwroot\WEB-INF\flex - you need to check remoting-config.xml and services-config.xml and make sure that remoting-config.xml contains a destination called ColdFusionSSL with a channel-ref named my-cfamf-secure. If I remember correctly my CF server did not have this entry, yet the services-config file on CF had the channel-definition my-cfamf-secure.

I've never quite understood why Adobe have made this whole setup so darn complicated. I remember the days of AS2 when a Remoting call in Flash could be made in something like 3 lines of code without the need for any XML config files.

But I'm not claiming that I quite know what;'s happening here, but what I do know is that I had to touch XML files on both the client (in my Flex project) and my server to get SSL based Remoting to work with CF. I'm not going to touch it again now in case I'll break it :-)