Hey, We've just upgraded form RC 1 to RC 3 (we skipped RC 2 due to blocking issues), and there appears to have been some changes in the way SSL keystores are managed - our test self-signed certificate that worked perfectly with RC 1 now has issues with RC 3.
The behaviour is a bit odd: - Firefox accepts it after having been told to ignore it. - Safari refuses it, whether or not it has been told to ignore it. - curl accepts it with the -k flag - connecting using an RC 1 powered Java client works, an RC 3 powered one fails. >From what I've found, it appears that there were some modifications in >keystore management, but the only thing I could find was "SSL keystores >configuration was adjusted for simplicity purpose" in the RC 2 release notes. >Is there a list of what precisely these changes are I can find somewhere ? I don't know whether that's useful, but: - we're using the Simple web server. - querying our server with curl, the only differences I could find between RC 1 and RC 3 were: "SSL connection using EDH-RSA-DES-CBC3-SHA" (RC 1) and "SSL connection using DHE-RSA-AES256-SHA" (RC 3). Any help or hints at where to look at would be greatly appreciated ! Cheers, Nicolas ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2595919
