New issue
Advanced search Search tips

Issue 834102 link

Starred by 2 users
Status: WontFix
Owner: ----
Closed: Apr 2018
Cc:
elawrence@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

ERR_SSL_VERSION_OR_CIPHER_MISMATCH upon updating

Reported by mpur...@chemeketa.edu, Apr 17 2018 
UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3393.4 Safari/537.36

Steps to reproduce the problem:
1. attempt to visit my.chemeketa.edu
2. get redirected to sso.chemeketa.edu
3. get error of ERR_SSL_VERSION_OR_CIPHER_MISMATCH

What is the expected behavior?

What went wrong?
Upon updating to chrome 66, i'm no longer able to get to the site.
I've tested on multiple machines with different OSs (windows 7 and 10) and as soon as i update to version 66 the page will no longer load.

Did this work before? Yes 65

Chrome version: 66.0.3359.106  Channel: stable
OS Version: 10.0
Flash Version:

Comment 1 by elawrence@chromium.org, Apr 18 2018

Components: Internals>Network>SSL
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Needs-Feedback Type-Bug
Summary: ERR_SSL_VERSION_OR_CIPHER_MISMATCH upon updating (was: ERR_SSL_VERSION_OR_CIPHER_MISMATCH upon updateing)
Are you having this problem in Chrome 67 (the browser used to report this issue), or only Chrome 66? I can't reproduce a problem here with Chrome 67 on Mac.

Can you attach a network log? https://www.chromium.org/for-testers/providing-network-details

Comment 2 by elawrence@chromium.org, Apr 18 2018 

https://www.ssllabs.com/ssltest/analyze.html?d=sso.chemeketa.edu reports that this server only supports TLS/1.0 and SSL/3.0 with a limited set of ciphers. It seems like TLS_RSA_WITH_AES_128_CBC_SHA /should/ work, however.

Comment 3 by elawrence@chromium.org, Apr 18 2018 

I was also unable to reproduce a problem here using Chrome 66.0.3359.117 on Windows 10 build 1803, so the network log requested in #1 would be super-helpful.

Comment 4 by mpur...@chemeketa.edu, Apr 18 2018 

We were able to correct the issue temporarily by disabling group policy on the machines. It appears that one of the settings in our policy was altering behavior in the browser, but it only took effect on chrome 66 and higher.I'm investigating further to find which exact setting was altering the behavior.
Project Member

Comment 5 by sheriffbot@chromium.org, Apr 18 2018

Cc: elawrence@chromium.org
Labels: -Needs-Feedback
Thank you for providing more feedback. Adding the requester to the cc list.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 6 by elawrence@chromium.org, Apr 18 2018 

Ah, this is probably working as intended, if your GP had a SSLVersionMin policy configured. Support for this policy landed in Chrome 66.0.3337.0.

Can you confirm that you've set this policy?

Comment 7 by mpur...@chemeketa.edu, Apr 18 2018 

That was the issue. 
I was able to remove that setting and all is working now thank you.

Comment 8 by elawrence@chromium.org, Apr 18 2018

Status: WontFix (was: Unconfirmed)
Thanks for confirming!

Sign in to add a comment