[Product-Developers] PloneFlashUpload barfs on ssl

Michael Dunstan michael.dunstan at gmail.com
Tue Jan 20 23:08:46 UTC 2009

On Wed, Jan 21, 2009 at 1:19 AM, Alan Milligan <alan at balclutha.org> wrote:
> Hi,
> Frustratingly the PloneFlashUpload issue tracker redirects to p4a.  I don't
> know how many projects I'm expected to sign up to to actually log a ticket
> against something in the collective so I'm just going to post here.
> The aforementioned product, both version 1.1 and the new 1.2rc completely
> fail to post to https urls.
> They each work brilliantly in http postings, both directly to Zope and via
> Apache.  However, no https uploads work.  This is rather unfortunate,
> because unlike http, I cannot sniff the offending traffic.
> If someone who knows more about Flash (or PloneFlashUpload) than I can share
> any observations, that would be great.  I am more than willing to post logs
> in excruciating detail to resolve this.

The HTTP(S) transaction for the upload is performed by Flash rather
than by the host browser of the plugin. It looks like Flash has its
own interpretation (rather than matching the browsers interpretation)
about what is a valid HTTPS certificate. For example self signed
certificates are not valid. See

Michael Dunstan

More information about the Product-Developers mailing list