It works fine on mozilla but in IE7 we have problem. Its working if I connect to the application from my machine where I created the certificate. I created a certificate using keygen which is not an original certificate bought from Thawte.
But when someone tries to connect to my machine, the session attribute loses value.
The problem I have is, we have method interceptor checks for the session attribute in which we put authentication related data.
But that session is without the value(just flex session) and hence we are logging the user out.
But https works fine on mozilla. And also http works fine on all browsers.
Also I changed the code to have no-cache-header
I mean <add-no-cache-headers>false</add-no-cache-headers>