ERR_SSL_VERSION_INTERFERENCE accessing gmail.com from corp network behind bluecoat.
Reported by
michael....@gmail.com,
Jun 26 2017
|
||||||
Issue descriptionChrome Version : 60.0.3112.40 OS Version: 6.1 (Windows 7, Windows Server 2008 R2) URLs (if applicable) : gmail.com, inbox.google.com Other browsers tested: Add OK or FAIL after other browsers where you have tested this issue: Safari 5: Firefox 4.x: IE 7/8/9: OK What steps will reproduce the problem? 1. Browse to URL 2. 3. What is the expected result? Regular page load What happens instead of that? ERR_SSL_VERSION_INTERFERENCE message shows up immediately Please provide any additional information below. Attach a screenshot if possible. Corporate network behind bluecoat proxy/appliaince. I don't have the specs on that. Works fine from IE, seems to work for others in chrome on the network, just not me. Tried incognito, and different profile as well. UserAgentString: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.40 Safari/537.36
,
Jun 26 2017
Thanks for the report. This means that some middlebox on your network has a bug and is interfering with the deployment of TLS 1.3, the next version with security and performance improvements. Since you're running a BlueCoat device and we've seen issues with their devices before (see issue #694593), that's probably it. See this article for more details: http://bluecoat.force.com/knowledgebase/articles/Technical_Alert/000032878 On the off chance it's something else, could you also attach a NetLog per these instructions? Thanks! https://dev.chromium.org/for-testers/providing-network-details
,
Jun 27 2017
I went to do a NetLog for you, but today it seems to be working. It hasn't been working for a while. Yesterday, before filing the bug, I sent some complaints to the team that manages BlueCoat. I wonder if something changed there, or if something got cleared on my end. In any case, I'm attaching the NetLog for reference.
,
Jun 27 2017
Thank you for providing more feedback. Adding requester "davidben@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 27 2017
Thanks! Yeah, you probably restarted your browser and got rolled into a different experiment group. For purposes of reproducing the problem, you want to go into chrome://flags and set "Maximum TLS version enabled" to "TLS 1.3" and "Experimental QUIC protocol" to disabled.
,
Jun 28 2017
Ok, yeah, this definitely is the issue. I restarted with the flags set, and it recreated the issue. Attached is the relevant NetLog. Our BlueCoat team is looking to get it patched per the referenced link above. Appreciate the help, hope this helps your development efforts.
,
Jun 28 2017
Thank you for providing more feedback. Adding requester "davidben@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 28 2017
Thanks! Yeah, that's the same failure mode as the previous BlueCoat instance. I'll go ahead and merged this into the other BlueCoat ticket. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by manoranj...@chromium.org
, Jun 26 2017