Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] TLS 1.1 problem with Jetty 8.1.4?
I'm running an SSL server with Jetty 8.1.4 using a self-signed certificate. One of my users reported a problem connecting using Chrome, and I found the same problem (although not when connecting via 127.0.0.1) so I reported it to the Chrome developers: 

http://code.google.com/p/chromium/issues/detail?id=166327&thanks=166327&ts=1355602940
I've had a response indicating there's a problem with TLS 1.1 and that it also affects IE if TLS 1.1 is enabled: 

> On Windows 7, if I click the "Use TLS 1.1" box in Internet Options > Advanced,
> Internet Explorer also has the same problem.
>
> Chrome enables TLS 1.1 by default. You can run chrome.exe with the command
> line option --ssl-version-max=tls1 to turn off TLS 1.1. But I'd like to track
> down this TLS 1.1 incompatibility. Thanks.
I've also just had a more detailed report indicating that Jetty dropped the connection after the TLS 1.1 handshake: 

> Using the ssltap tool, I found that the server completed a TLS 1.1
> full handshake successfully, but after Chrome sent the first application
> data record, the server immediately closed the TCP connection.

(The full ssltap ouput is available at the URL above.)
So this looks like this is a Jetty issue. Can anyone tell me what's going on, and is it likely that this has been fixed in more recent versions of Jetty? 

Many thanks,
--
John English

Back to the top