I did some more analysis: When I replace the keystore by another keystore provided by the Jetty distribution, Firefox will not complain about the handshake exception. Nevertheless there are handshake exceptions, and the SSL level switches from TLS to SSLv3.
Now I guess the question is: What is the difference between the two keystores? Answer: As far as I can see, the Keystore provided in the Jetty distro has expired in 2001, while my keystore is still valid (although also self-generated). Could it be, that Firefox some is less strict regarding handshake failures, after you have told it to accept an expired certificate? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
