Thanks, Nils.

I captured the DTLS message exchanges for the working and failing cases using Wireshark. I mainly see two differences.

1. In the working case (Firefox 50.1.0), I see a "Server Hello Done" message from Firefox first, before a "Server Hello" along with Certificate, Server Key Exchange, and Certificate Request records in the same message. In the failing case, the Server Hello Done is sent at the end in the same message, after Certificate Request (which actually makes more sense?).

2. In the working case, the cipher suite used is: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013), compared with TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) in the failing case.

It's more likely that the 2nd difference is causing the issue. I see that this and other ECDSA ciphers are listed in the Client Hello in both cases. I tried disabling ECDSA in the gateway using the cipher list "DEFAULT:!aECDSA:!ECDSA" in SSL_CTX_set_cipher_list(), but to no avail - I still see the ECDSA ciphers in the Client Hello.

Nils, I'll send you the pcap files for these two cases too. Please let me know if you have any suggestions.

Cheers,
Uma
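
To check offline which suites a captured Client Hello actually offers, the cipher_suites list can be read straight from the record bytes. The following is an added example, not part of the original message or of the gateway's code; the function name and the sample record (all-zero random, no extensions) are constructed, and it assumes a single unfragmented DTLS 1.0/1.2 ClientHello record.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: DTLS ClientHello offering 0xc00a and 0xc013 only. */
static const uint8_t SAMPLE[69] = {
    [0] = 0x16, [1] = 0xfe, [2] = 0xff, [12] = 0x38,   /* record header */
    [13] = 0x01, [16] = 0x2c, [24] = 0x2c,             /* handshake header */
    [25] = 0xfe, [26] = 0xfd,                          /* client_version */
    [62] = 0x04, [63] = 0xc0, [64] = 0x0a, [65] = 0xc0, [66] = 0x13,
    [67] = 0x01                                        /* null compression */
};

/* Returns 1 if the ClientHello in buf offers `suite`, 0 if it does not,
 * -1 if buf is not a well-formed, unfragmented DTLS ClientHello record. */
int dtls_hello_offers(const uint8_t *buf, size_t len, uint16_t suite)
{
    size_t p = 13 + 12;                /* record + handshake header sizes */
    if (len < p + 34 || buf[0] != 22 || buf[13] != 1)
        return -1;                     /* need handshake(22), client_hello(1) */
    if (buf[19] || buf[20] || buf[21] || memcmp(buf + 14, buf + 22, 3) != 0)
        return -1;                     /* fragment_offset != 0 or partial */
    p += 2 + 32;                       /* client_version + random */
    for (int i = 0; i < 2; i++) {      /* skip session_id, then cookie */
        if (p >= len)
            return -1;
        p += 1 + (size_t)buf[p];
    }
    if (p + 2 > len)
        return -1;
    size_t n = ((size_t)buf[p] << 8) | buf[p + 1];  /* cipher_suites bytes */
    p += 2;
    if (n % 2 != 0 || p + n > len)
        return -1;
    for (size_t i = 0; i < n; i += 2)
        if ((((uint16_t)buf[p + i] << 8) | buf[p + i + 1]) == suite)
            return 1;
    return 0;
}

int main(void)
{
    /* The two suites named in the message above. */
    printf("ECDHE-ECDSA-AES256-SHA (0xc00a): %d\n",
           dtls_hello_offers(SAMPLE, sizeof SAMPLE, 0xc00a));
    printf("ECDHE-RSA-AES128-SHA   (0xc013): %d\n",
           dtls_hello_offers(SAMPLE, sizeof SAMPLE, 0xc013));
    return 0;
}
```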