On 12/27/2010 03:04 PM, [email protected] wrote: > I'm having a strange problem with the SslFilter in that all tested browsers > except Google Chrome can connect to the filter. This is the latest release > of Chrome running on either Mac or Windows. > > I stress that this is a CA issued certificate, so there are no self-signed > trust issues. Also, Chrome can SSL handshake with this the certificate when > connecting to IIS, so it is something specific to my Mina/SslFilter setup > > I believe that there is some handshake problem, but I don't know how to > troubleshoot what it might be, or why only Chrome fails of all the browsers. > I sure would appreciate any advice > > Running Mina 2.01, JRE 6u23 > > Initialization as follows: > > final KeyStore ks = KeyStore.getInstance("pkcs12"); > final InputStream is = getClass().getResourceAsStream("/thekeystore.pfx"); > ks.load(is, "thepassword".toCharArray()); > is.close(); > > SslContextFactory sslcf = new SslContextFactory(); > sslcf.setKeyManagerFactoryKeyStore(ks); > sslcf.setKeyManagerFactoryKeyStorePassword("thepassword"); > > SSLContext ctxt = sslcf.newInstance(); > > acceptor.getFilterChain().addLast("ssl",new SslFilter(ctxt)); >
Hi, I would try looking at from a man in the middle perspective. Since you have the certificate, some help from the RFC/wikipedia about TLS, and presumably access to the server (or client), you can use a tool like wireshark to observe the traffic in between and see what is going on with respect to the good connection (XYZ browser) and the bad connection (Chrome browser). Best, Johnny
