ERR_SSL_VERSION_INTERFERENCE when trying to access mail.google.com or gmail.com
Reported by
etienne....@gmail.com,
Jul 3 2017
|
||||||||
Issue descriptionChrome Version : 60.0.3112.40 OS Version: 10.0 URLs (if applicable) : https://mail.google.com Other browsers tested: Add OK or FAIL after other browsers where you have tested this issue: Safari 5: Firefox 4.x: 45.0.1 - It works on Firefox. IE 7/8/9: What steps will reproduce the problem? 1. Try to access mail.google.com or gmail.com 2. ERR_SSL_VERSION_INTERFERENCE 3. What is the expected result? Expected to access my gmail mailbox. What happens instead of that? ERR_SSL_VERSION_INTERFERENCE Please provide any additional information below. Attach a screenshot if possible. On corporate network, don't know if there is interference somewhere. But it works on Firefox and not Chrome. UserAgentString: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.40 Safari/537.36
,
Jul 3 2017
Setting the chrome flag Maximum TLS version enabled. Mac, Windows, Linux, Chrome OS, Android Set maximum enabled TLS version. #ssl-version-max to TLS 1.2 And it fixes the issue.
,
Jul 3 2017
Setting the same flag to TLS 1.3 and it fails again.
,
Jul 3 2017
I know there are other issues similar but they seem like they are a dead-end. I have tried what the other people suggested in those other issues, and posted the results here. Also people were asking for the net-export-log, I have attached it here.
,
Jul 3 2017
This is a work network, we have Fortigate installed (but it is closed at the moment and error is present). We are also using Symantec endpoint protection (both enabled and disabled and I have the issue). I have the creator update of windows 10, which seemed to come with an update on windows security including firewall (just adding to try to push as much details as possible).
,
Jul 4 2017
Thank For filing the issue! Tested in chrome # 59.0.3071.115, Beta #60.0.3112.50 and Canary #61.0.3147.0 on win 10.0 & 7 and not able to reproduce the issue.Please find the screen shots for your reference.Adding related dev team in 'CC' for further inputs. @davidben /svaldez : As per your comments in below issues https://bugs.chromium.org/p/chromium/issues/detail?id=735104, https://bugs.chromium.org/p/chromium/issues/detail?id=735337. not merging this issue.Could you please look in to this issue. Thank You!
,
Jul 5 2017
Thanks for the extremely detailed report! This is another access_denied alert from a buggy middlebox. We've seen that before from a bug in Fortigate, though it's possible other products have the same failure mode. I'm not aware of issues with Windows' firewall. - What version of Fortigate's software are you running? - When you say the Fortigate product is "closed at the moment" do you mean that it's not on your network at all or you've disabled all filtering rules? (It's possible that their bug occurs even when all filtering rules are enabled.)
,
Jul 7 2017
My fortigate installed on my computer was off. Don't know what we have on network. I can ask. Étienne Rocheleau etienne.rocheleau@gmail.com
,
Jul 7 2017
Thank you for providing more feedback. Adding requester "rbasuvula@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jul 11 2017
Is it critical to have the version of Forti running on the network? I meant that I had closed off the program on my machine when the problem occured.
,
Jul 11 2017
When you say the program was closed, do you mean FortiClient? But there is still a FortiGate device on your network, right? We need details on the FortiGate device. Our previous reports were about a problem in that product.
,
Jul 12 2017
Yes I meant the FortiClient was off on my machine. Version for the FortiGate running on our networks: 5.2.8/5.2.10 (says it depends on location) Étienne Rocheleau etienne.rocheleau@gmail.com
,
Jul 12 2017
Thank you for providing more feedback. Adding requester "davidben@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jul 12 2017
Does upgrading the device to 5.4.0 or later work? Fortinet previously told us that's where they fixed their bug. (Though we've had other reports which contradict this, so this may not actually be accurate.)
,
Jul 13 2017
Do you mean FortiClient? or FortiGate? I don't really think I can get IT to upgrade their whole system for that :( Sorry. Étienne Rocheleau etienne.rocheleau@gmail.com
,
Jul 26 2017
,
Jul 27 2017
@davidben-- Could you please respond to the comment #15 and help us in triaging the issue. Thanks!
,
Aug 9 2017
@davidben-- Could you please look into this issue. Thanks!
,
Aug 9 2017
Um, there is pretty obviously nothing in comment #15 to respond to. There is a problem with the device, but the administrator does not wish to fix it. We're running some alternative experiments in M61 to better understand these bugs. If you still experience problems in M61, please re-file a bug (with any details about the middlebox/firewall/network appliances you can find and a net internals log of the problem (https://dev.chromium.org/for-testers/providing-network-details)). |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by etienne....@gmail.com
, Jul 3 2017