New issue
Advanced search Search tips

Issue 915510 link

Starred by 1 user
Status: Closed
Owner: ----
Closed: Today
Cc:
swarnasree.mukkala@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug



Sign in to add a comment

SSL interference error report tls 1.3 related possibly

Reported by chrco...@gmail.com, Dec 16 
Chrome Version       : 71.0.3578.98
OS Version: 6.3
URLs (if applicable) : http://www.cloudatcost.com/
Other browsers tested:
  Add OK or FAIL after other browsers where you have tested this issue:
     Safari:
    Firefox:
    IE/Edge:

What steps will reproduce the problem?
It only happened once

What is the expected result?
Site to load

What happens instead of that?
ERR_SSL_VERSION_INTERFERENCE error

Please provide any additional information below. Attach a screenshot if
possible.

I have experimental tls 1.3 enabled in chrome flags
I am reporting this because a chrome developer asked people to report on her eif they see this message, his post is here https://superuser.com/questions/1217257/this-site-can-t-be-reached-mail-google-com-is-currently-unreachable/1217757#1217757

Information about my setup

I run pfsense 2.4.4 firewall although this does not proxy web traffic.
Scrub feature is enabled on the firewall.
Windows firewall is enabled on my desktop machine OS version 8.1.
I have nod32 a/v installed but http and https scanning is disabled so it should not be acting as a MITM for encrypted traffic.  When I check certificates on sites it shows the original certificate, not eset which should confirm this.
There is no more potential middleman software in my setup that I am aware off.

UserAgentString: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Comment 1 by phanindra.mandapaka@chromium.org, Dec 16

Labels: Needs-Triage-M71

Comment 2 by swarnasree.mukkala@chromium.org, Dec 17

Cc: swarnasree.mukkala@chromium.org
Components: Internals>Network>SSL
Labels: Triaged-ET TE-NeedsTriageHelp
Thanks for filing the issue...

As per comment#0, the issue seems to be related tls 1.3 and running pfsense 2.4.4 firewall which is out of scope for TE. Hence adding TE-NeedsTriageHelp label and requesting the respective team to have a look into this and help in further triaging of isuue.

Comment 3 by svaldez@google.com, Dec 17

Labels: Needs-Feedback
It appears that this is a issue with the server and is probably not TLS 1.3 related.

We show a ERR_SSL_VERSION_INTERFERENCE error if the first connection to the website (with TLS 1.3 support enabled) fails and then the subsequent connection (with TLS 1.3 support disabled) succeeds. This is generally a good indicator that the TLS 1.3 support caused an issue, but this also triggers when a website has a flaky connection or for some other reason just fails the first connection.

To verify, you aren't having ERR_SSL_VERSION_INTERFERENCE issues when visiting either mail.google.com or facebook.com?

If you're having issues consistently on a site, a net-internals would be helpful to debug: https://www.chromium.org/for-testers/providing-network-details

Comment 4 by morlovich@chromium.org, Jan 7 

ping: reporter, could you please answer the question in comment #3?

Comment 5 by nhar...@chromium.org, Jan 14 

chrcoluk: Did you see ERR_SSL_VERSION_INTERFERENCE on any other sites than cloudatcost.com? Are you able to reproduce getting that error, or did you only see it once?

Comment 6 by ericorth@chromium.org, Today (12 hours ago)

Status: Closed (was: Unconfirmed)
Closing due to lack of feedback.

If you are still experiencing this issue, please open a new bug, answering the question from comment #3 and providing the requested net-internals logging.

Sign in to add a comment