SSL doesn't work on Chrome but it works on all browsers
Reported by hmyou...@gmail.com, Jul 12
Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36

Steps to reproduce the problem:
1. SSL doesn't work on Chrome but it works on all browsers
2. https://www.palmap.org
3. https://services.palmap.org

What is the expected behavior?
To be able to open my server site on Chrome anywhere

What went wrong?
SSL doesn't work on Chrome but it works on all browsers

Did this work before? No

Chrome version: 67.0.3396.99
Channel: stable
OS Version: 10.0
Flash Version: I want my SSL site to work with Chrome
Jul 12
Poking around with the BoringSSL command-line tool, they seem to be intolerant to our status_request (OCSP stapling) extension for some reason. That's odd since Firefox also sends it. Poking further...
Jul 12
There appears to be some cipher-specific bug with this server. The server supports the following ciphers, with a server-enforced preference order:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA

Of these the earliest cipher Firefox supports is TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, so the server selects that. If it selects that, the server handles OCSP stapling just fine. However, Chrome additionally supports TLS_RSA_WITH_AES_256_GCM_SHA384, which the server is configured to prefer. If it selects TLS_RSA_WITH_AES_256_GCM_SHA384, the server breaks on OCSP stapling. Toying around, the other static RSA (TLS_RSA_WITH_*) ciphers have the same failure mode. This is a bug in the server software.

(Incidentally, neither of the two ciphers is ideal. It should be using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 or TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.)

The server claims to be Microsoft-IIS/8.5, though whether there is something else fronting TLS, I'm not sure. The preference order does look like other IIS servers I've seen, but if IIS were broadly incompatible with Chrome, I imagine someone would have noticed it and fixed it by now.

Are you the maintainer of this site? If so, what is this server running? Assuming this is IIS, could you please check that you are up-to-date on Windows updates?
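The two comments above describe a server that completes the handshake when the negotiated suite is TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA but breaks when a static-RSA suite such as TLS_RSA_WITH_AES_256_GCM_SHA384 is selected together with the status_request extension. The following is an added example, not code from the bug tracker, from Chromium or from BoringSSL: it builds a TLS 1.2 ClientHello that offers exactly one cipher suite plus status_request, then classifies the server's reply (alert, ServerHello without the extension, ServerHello acknowledging it, or a stapled CertificateStatus). The host name, the four suite IDs, the extension set and the constructed sample replies are assumptions for illustration; `probe()` needs network access, everything else runs offline.

```python
"""Probe whether a TLS 1.2 server accepts status_request (OCSP stapling) for one cipher suite (added example)."""
import socket
import struct

SUITES = {  # IANA cipher suite IDs for four suites named in the thread
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 0xC014,
    "TLS_RSA_WITH_AES_256_GCM_SHA384": 0x009D,
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 0xC02F,
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 0xC030,
}
STATUS_REQUEST = 5                                              # extension type (RFC 6066)
HS_CLIENT_HELLO, HS_SERVER_HELLO, HS_CERTIFICATE_STATUS = 1, 2, 22  # HandshakeType values (RFC 5246/6066)
RT_ALERT, RT_HANDSHAKE = 21, 22                                 # record ContentType values

def _ext(ext_type, body):
    return struct.pack("!HH", ext_type, len(body)) + body

def _handshake(msg_type, body):
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

def _record(content_type, payload, version=b"\x03\x03"):
    return bytes([content_type]) + version + struct.pack("!H", len(payload)) + payload

def _split(data, hdr, len_off, len_bytes):
    """Split length-prefixed units: TLS records (hdr=5, length at 3..5) or handshake messages (hdr=4, 1..4)."""
    out, pos = [], 0
    while pos + hdr <= len(data):
        length = int.from_bytes(data[pos + len_off:pos + len_off + len_bytes], "big")
        out.append((data[pos], data[pos + hdr:pos + hdr + length]))
        pos += hdr + length
    return out

def build_client_hello(host, suite_id, client_random=b"\x00" * 32):
    """TLS 1.2 ClientHello offering exactly one cipher suite plus a status_request (OCSP) extension."""
    name = host.encode()
    exts = (_ext(0, struct.pack("!HBH", len(name) + 3, 0, len(name)) + name)  # server_name
            + _ext(STATUS_REQUEST, b"\x01\x00\x00\x00\x00")   # ocsp, no responder IDs, no extensions
            + _ext(10, b"\x00\x04\x00\x17\x00\x18")           # supported_groups: P-256, P-384
            + _ext(11, b"\x01\x00")                           # ec_point_formats: uncompressed
            + _ext(13, b"\x00\x06\x04\x01\x05\x01\x06\x01"))  # signature_algorithms: RSA sha256/384/512
    body = (b"\x03\x03" + client_random + b"\x00"             # version, random, empty session_id
            + struct.pack("!HH", 2, suite_id)                 # cipher_suites: only the suite under test
            + b"\x01\x00"                                     # compression_methods: null
            + struct.pack("!H", len(exts)) + exts)
    return _record(RT_HANDSHAKE, _handshake(HS_CLIENT_HELLO, body), version=b"\x03\x01")

def server_hello_extensions(body):
    """Return the set of extension types the server echoed in its ServerHello."""
    pos = 2 + 32 + 1 + body[34] + 2 + 1     # version, random, session_id, cipher_suite, compression
    if pos + 2 > len(body):
        return set()                        # the extensions block is optional
    end, pos, types = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0], pos + 2, set()
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        types.add(etype)
        pos += 4 + elen
    return types

def classify(response):
    """Classify the server's reply bytes for the single suite that was offered."""
    records = _split(response, 5, 3, 2)
    if any(t == RT_ALERT for t, _ in records):
        return "alert"                              # handshake rejected outright
    msgs = _split(b"".join(p for t, p in records if t == RT_HANDSHAKE), 4, 1, 3)
    hello = next((b for t, b in msgs if t == HS_SERVER_HELLO), None)
    if hello is None:
        return "no_server_hello"
    if STATUS_REQUEST not in server_hello_extensions(hello):
        return "no_status_request"                  # extension ignored: clean handshake, no staple
    if any(t == HS_CERTIFICATE_STATUS for t, _ in msgs):
        return "stapled"
    return "acked_no_status"                        # permitted by RFC 6066, but worth noticing

def probe(host, suite_name, port=443, timeout=5.0):
    """Send the single-suite ClientHello to a live host and classify what comes back (needs network)."""
    chunks = []
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_client_hello(host, SUITES[suite_name]))
            while chunk := sock.recv(65536):        # server stops at ServerHelloDone, so recv times out
                chunks.append(chunk)
    except (socket.timeout, ConnectionResetError):
        if not chunks:
            return "connection_dropped"             # reset before any record: also a broken handshake
    return classify(b"".join(chunks))

def constructed_reply(stapled, alert=False):
    """Constructed sample server reply for offline use (assumption: not captured from any real server)."""
    if alert:
        return _record(RT_ALERT, b"\x02\x28")       # fatal handshake_failure
    exts = _ext(STATUS_REQUEST, b"") if stapled else b""
    hello = b"\x03\x03" + b"\x11" * 32 + b"\x00" + b"\x00\x9d" + b"\x00" + struct.pack("!H", len(exts)) + exts
    msgs = _handshake(HS_SERVER_HELLO, hello)
    if stapled:
        msgs += _handshake(HS_CERTIFICATE_STATUS, b"\x01" + (4).to_bytes(3, "big") + b"ocsp")
    return _record(RT_HANDSHAKE, msgs)

if __name__ == "__main__":
    for suite in ("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_256_GCM_SHA384"):
        print(suite, probe("www.palmap.org", suite))
```

Running the script against a server with the behaviour described above would print `stapled` (or `no_status_request`) for the ECDHE suite and `alert` or `connection_dropped` for the static-RSA suite; a result of `connection_dropped` on every suite usually means the host is unreachable rather than broken. The same check can be done from the command line with `openssl s_client -connect www.palmap.org:443 -servername www.palmap.org -status -cipher AES256-GCM-SHA384`, where `-status` adds the status_request extension and `-cipher` restricts the offered suites; the script exists to make the distinction between "extension ignored" and "handshake refused" explicit, which the tool's output does not always show at a glance.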
Jul 15
Jul 25
[hmyounan]: Could you please respond to comment #3?
Aug 17
Reporter, could you please respond to the question at the end of comment #3?
Aug 17
(The server's cipher preferences seem to have changed and I can't reproduce the issue anymore, so I suspect the site may have taken the advice in comment #3.)
Aug 23
Comment 1 by est...@chromium.org, Jul 12
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug