I would assume it’s related to this. https://code.google.com/p/chromium/issues/detail?id=296536
Joe From: N.C. de Groot [mailto:[email protected]] Sent: Monday, September 23, 2013 6:44 AM To: [email protected] Subject: [Pound Mailing List] Problem with latest version of Chrome Hello, I'm using Pound 2.7b. Since the last Chrome update Friday september 20th (both on Mac and Windows) to version 29.0.1547.76 the SSL handshakes fail completely. I tried resetting the Ciphers in pound.cfg from Ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:AES256-GCM-SHA384:AES256-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:AES256-SHA:AES128-SHA:DES-CBC3-SHA" to the more standard Ciphers "HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL" but that didn't help. From Firefox and other browsers no problems. Using Chrome to access other non-Pound sites with similar certificates works fine. I've tested with openssl, the s_client no problem either. I haven't tested other Pound versions yet. I've made two capture file with SSLdump, see below for a fragment. Chrome first tries 3.2, then 3.1 in each case the handshakes fail Can anyone confim this problem or help? Nico de Groot 302 New TCP connection #3: 10.87.164.66(50449) <-> gregorius.uvt.nl(443) 303 1 2 4.7900 (0.8762) S>CV3.2(53) Handshake 304 ServerHello 305 Version 3.2 306 random[32]= 307 52 3b df 7e a8 68 5b 0c 9f a2 33 30 39 68 48 90 308 e4 37 88 5b e7 b1 1c db cb 80 d0 9a e5 81 0b 98 309 session_id[0]= 310 311 cipherSuite Unknown value 0x3d 312 compressionMethod NULL 313 1 3 4.7905 (0.0005) C>SV3.2(2) Alert 314 level fatal 315 value handshake_failure 316 1 4.7905 (0.0000) C>S TCP FIN 317 1 4 4.8441 (0.0535) S>CV3.2(3516) Handshake 318 Certificate 319 certificate[1232]= 320 30 82 04 cc 30 82 03 b4 a0 03 02 01 02 02 10 2c
