ERR_SSL_VERSION_INTERFERENCE to gmail.com
Reported by
sal.ba...@gmail.com,
Aug 22 2017
|
|||||||||
Issue descriptionChrome Version : 61.0.3163.49 OS Version: 10.0 URLs (if applicable) : https://mail.google.com Other browsers tested: Add OK or FAIL after other browsers where you have tested this issue: Safari 5: Firefox 4.x: IE 7/8/9: OK What steps will reproduce the problem? 1. Click the shortcut or type gmail.com in the browser address bar 2. 3. What is the expected result? To get into gmail What happens instead of that? ERR_SSL_VERSION_INTERFERENCE Please provide any additional information below. Attach a screenshot if possible. The error occurs after the mcafee antivirus update I accepted to install yesterday. Other google services (drive, contacts, calendar etc.) are not affected. Microsoft Edge is not affected and correctly displays gmail. The same error occurs both on my personal free gmail and the work gmail from my employer (gsuite). UserAgentString: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.49 Safari/537.36
,
Aug 22 2017
I have run the Chrome connectivity test. The only failing test is "Google websites could not be properly retrieved and loaded." All the other tests pass. These include connectivity, firewall, dns, delays etc.. Attached is the log. The incognito mode brings the same issue.
,
Aug 22 2017
Can you collect a net-internals trace? https://dev.chromium.org/for-testers/providing-network-details
,
Aug 22 2017
,
Aug 22 2017
,
Aug 23 2017
@ sal.barba: Gentle ping, Can you please update the details as requested in comment#3. Just tried on a non corp network and able to navigate to gmail.com on Windows 10, Mac 10.12.6 and Linux OS (Ubuntu 14.04) using chrome version 61.0.3163.49 Beta build. Thanks.!
,
Aug 23 2017
Do you know if you're running a proxy/firewall product on your network? Some products have known issues that interfere with newer version of TLS. In addition to collecting a net-internals trace, can you go to chrome://flags/#tls13-variant and set it to "Enabled (Experiment)" and see whether your connection works again, that should work around the issues with the Fortinet software, while still allowing more secure forms of TLS to be negotiated.
,
Aug 24 2017
Hello, 1) the net-internals trace log is attached 2) the issue started immediately after the mcafee live safe update, no change were made to corporate proxy-firewall in that time frame (about 15 minutes), and the issue arised immediately after the computer restarted. So the interference is with mcafee not with the corporate proxy-firewall. 3) I have set the chrome://flags/#tls13-variant to "Enabled (Experiment)" and now the connection to gmail works again. Thanky you for the help and for this workaround. I hope that the log file helps to understand what is going on. If I need to do more testing, let me know.
,
Aug 24 2017
,
Aug 28 2017
That's good to know, thank you. We're doing experiments to figure out which variant is most compatible with broken middleboxes/VPNs/firewalls, so additional data that Experiment is working it is useful. If you have a chance, can you test whether the other ones (RecordType and NoSessionID) work, but otherwise you can leave it on "Enabled (Experiment)" and I'll close out the bug in a couple days.
,
Aug 29 2017
I have tried again only with gmail, although I found a couple more sites that loaded partially I didn't remember which they were, so I cannot reproduce them. However, the gmail is the most significant indeed. RecordType: works fine NoSessionID: same error ERR_SSL_VERSION_INTERFERENCE I have set it back to "Enabled (Experiment)" Thanks
,
Aug 29 2017
Thanks for the additional information. Leaving it at Enabled (Experiment) should be fine then. |
|||||||||
►
Sign in to add a comment |
|||||||||
Comment 1 Deleted