QUESTION:

How can a Flash Remoting connection (between a Macromedia Flash movie
running in client's browser and a JRun server) be encrypted using
SSL/HTTPS?

DETAILS:

My company has web site running on a Windows 2003 Server computer with
IIS6.0 installed.

The web site serves a Macromedia Flash movie (.swf file). The Flash movie
uses the Macromedia Flash Remoting to make remote method invocations
on the server. The server has a JRun server installed and serves up
some Java classes.

Using this setup, it is currently possible to make remote method
invocations from the Flash movie to, for example, a Login(String user,
String Password) Java method on the server. Everything works great.

The URL to the gateway for the Flash Remoting connection is specified
in ActionScript as follows:

NetServices.setDefaultGatewayUrl("http://domain/flashservices/gateway");

To securely submit the login information, it will however be necessary
to use an HTTPS encrypted connection to the Flash Remoting gateway:

NetServices.setDefaultGatewayUrl("https://domain/flashservices/gateway");

To make this happen I signed up to receive a free 30-day trial
security certificate from freessl.com. I followed all (great!)
instructions on how to install it on the IIS server and managed to
enable a secure HTTPS connection for the company's web pages. It is
now possible to access all web pages using:

https://domain/anypage.html

But https://domain/flashservices/gateway can still only be accessed
over a non-secure connection, i.e.
http://domain/flashservices/gateway.

I believe my specific question is: Why is
https://domain/flashservices/gateway not available when all other
pages can be accessed over HTTPS?

I do not know much about the internals of Flash Remoting and JRun.
Maybe JRun has its own web server that servers this one file in an
unsecured way? That could possibly explain why all other pages (served
by IIS) can now be accessed over https.