When I accessed https://mail.ocn.ne.jp/?redirectURL=/m/(or https://mail.ocn.ne.jp) from default browser of an android phone, the browser shows a message like "browser cannot establish secure connection" and then aborted. I took the following tcp packets between a browser of Android SDK and the server. Server → Client : Certificate, Server Hello Done Client → Server : Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message Server → Client : Change Cipher Spec, Encrypted Handshake Message Client → Server : [ACK] Client → Server : Encrypted Alert Client → Server : [FIN, ACK] Server → Client : [FIN, ACK] It seemes that the Android browser send an error as "Encrypted Alert" to the server. Has anyone faced the same problem? All of the android phones shipped in Japan(Xperia X10, HTC Desire, HT03A) is affected by this problem. One of the user-agent of the default browser is: Mozilla/5.0 (Linux; U; Android 1.6; ja-jp; SonyEricssonSO-01B Build/ R1EA018) AppleWebKit/528.5+ (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1 In addition, the certificate of the server defines "mail.ocn.ne.jp" as CN and the following DNS names as subject alternative name. * pop.ocn.ne.jp * mail.ocn.ne.jp * imap.ocn.ne.jp I'm not sure if this subjectAltNames is related to the case, but I can access site with a simple certificate and at that time client can send "Application Data" to the Server instead of "Encrypted Alert". Can anyone confirm/reproduce this problem by using "version 3.1.2 Mobile Safari"? Thanks, Soichiro Miki
"Mobile Safari" is the iPhone browser, not the Android one. Regardless, neither iPhone nor Android versions of WebKit builds from webkit.org sources directly, so you need to report any issues with these browsers to Apple and Google, respectively. They can bring them over here later if they decide that the bug is in webkit.org code.