Some additional information that may prove useful: The same SSLContext that does not work in SslFilter when handshaking with Chrome 8 does work properly in a plain old SSLServerSocket, e.g.
ServerSocket ss = ctxt.getServerSocketFactory().createServerSocket(); ss.bind(new InetSocketAddress(443)); Socket client = ss.accept(); Therefore, I'm pretty sure by now that this is an SslFilter problem. I do not see any issue logged against this problem. Can any other Mina user confirm or deny that they see this issue with Chrome 8 and SslFilter not working together? (Safari 5, IE8, FF4, Opera 10 all handshake correctly). Thanks On Mon, Dec 27, 2010 at 3:04 PM, <[email protected]> wrote: > I'm having a strange problem with the SslFilter in that all tested browsers > except Google Chrome can connect to the filter. This is the latest release > of Chrome running on either Mac or Windows. > > I stress that this is a CA issued certificate, so there are no self-signed > trust issues. Also, Chrome can SSL handshake with this the certificate when > connecting to IIS, so it is something specific to my Mina/SslFilter setup > > I believe that there is some handshake problem, but I don't know how to > troubleshoot what it might be, or why only Chrome fails of all the browsers. > I sure would appreciate any advice > > Running Mina 2.01, JRE 6u23 > > Initialization as follows: > > final KeyStore ks = KeyStore.getInstance("pkcs12"); > final InputStream is = getClass().getResourceAsStream("/thekeystore.pfx"); > ks.load(is, "thepassword".toCharArray()); > is.close(); > > SslContextFactory sslcf = new SslContextFactory(); > sslcf.setKeyManagerFactoryKeyStore(ks); > sslcf.setKeyManagerFactoryKeyStorePassword("thepassword"); > > SSLContext ctxt = sslcf.newInstance(); > > acceptor.getFilterChain().addLast("ssl",new SslFilter(ctxt)); > >
