I've been following this with interest, though haven't had time to look at it... Thanks for the excellent debugging, David and Bruno!
On 03/26/2010 09:16 AM, Bruno Harbulot wrote: > Hi Dave, > > On 25/03/2010 21:47, David Fogel wrote: >> Hi Bruno- >> >> So, I got Jetty working as the connector, and yes, it does seem to >> work fine with our previously discussed HTTPS configuration. So that >> can hold us for now, but we do eventually want to use the Simple >> connector. >> >> Incidentally, based on recent postings to the simpleframework support >> list, it appears that Niall (the author of Simple) plans to release a >> bug-fix version in the next few days for some problem having to do >> with a potential endless loop writing to a socket. So I wonder if >> this could be part of the issue... > > I think I've tracked down the problem to be a "Simple" bug: the output > buffer used during the TLS handshake is too small to send a big list of > CA certificates (since Simple always requests a client certificate, it > sends the list of CAs it's willing to accept within the TLS > CertificateRequest message: this list is longer with the default trust > store bundled with the JRE and used when nothing is specified). > > More on this here: > http://sourceforge.net/mailarchive/message.php?msg_name=4BACBFF1.7090108%40manchester.ac.uk > > > Best wishes, > > Bruno. > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2465481 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2465558
