FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
pjang
Staff
Article Id 357555
Description

This article describes a known issue related to ML-KEM post-quantum TLS key exchange, which has recently become supported in the following browser versions:

  • Google Chrome 131.
  • Microsoft Edge 131.0.2903.48 (Stable).
  • Mozilla Firefox 132.0.

This issue has been observed to occur when using Flow-based TLS Deep Inspection on the FortiGate and Google Chrome 131 and later (as well as Microsoft Edge 131.0.2903.48). Proxy-based TLS Deep Inspection is not affected, nor does the issue appear to occur when using Firefox.


Scope


FortiGate.


Solution


When this issue occurs, users will find that certain websites will fail to load and will present an ERR_SSL_PROTOCOL_ERROR error message.

This issue is triggered by the addition of ML-KEM post-quantum TLS key exchange, which recently replaced X25519Kyber768 for hybrid post-quantum key exchange on Chrome-based browsers: https://security.googleblog.com/2024/09/a-new-path-for-kyber-on-web.html.


Some example websites that have been found to demonstrate the issue while using Google Chrome include:

[Screenshot: CloudFlare_ERR_SSL_PROTOCOL_ERROR.png]


Some websites like the Azure portal or the Microsoft SSO login page (login.microsoftonline.com) will not show this error. For example, the Azure portal will simply show the message 'Portal offline', whereas the Microsoft SSO login page will show a blank page.


Workarounds:


Any one of the following workarounds can be effective as a temporary solution to the issue:


  • On the FortiGate:
    • Switch Firewall Policies from using Flow-Based + Deep Inspection to one of the following options:
      • Proxy-Based + Deep Inspection.
      • Flow-based + Certificate Inspection.
      • Proxy-based + Certificate Inspection.
    • Alternatively, add an SSL Exemption for the affected website in a custom SSL Deep Inspection profile (see also: Technical Tip: Exempting applications/domains/websites from SSL Inspection).

 
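The FortiGate-side workarounds above, written out as FortiOS CLI. This is an added example, not configuration from the original article: the policy ID 10, the profile name custom-deep-inspection and the address object name are placeholders, and the exemption uses login.microsoftonline.com, one of the affected sites the article names. Pick either the inspection-mode change or the exemption; applying both is harmless but redundant.

```fortios
# Option 1: move the affected policy from flow-based to proxy-based
# inspection and keep deep inspection (policy ID 10 is a placeholder).
config firewall policy
    edit 10
        set inspection-mode proxy
        set ssl-ssh-profile "deep-inspection"
    next
end

# Option 1b: stay flow-based but fall back to certificate inspection,
# which only inspects the server certificate/SNI and does not decrypt
# the session.
config firewall policy
    edit 10
        set inspection-mode flow
        set ssl-ssh-profile "certificate-inspection"
    next
end

# Option 2: keep flow-based deep inspection and exempt the affected site.
# The built-in "deep-inspection" profile is read-only, so clone it first.
config firewall ssl-ssh-profile
    clone deep-inspection to custom-deep-inspection
end

# FQDN address object for the site to exempt (name is a placeholder).
config firewall address
    edit "login.microsoftonline.com"
        set type fqdn
        set fqdn "login.microsoftonline.com"
    next
end

# Add the address to the SSL exemption list of the cloned profile.
config firewall ssl-ssh-profile
    edit "custom-deep-inspection"
        config ssl-exempt
            edit 0
                set type address
                set address "login.microsoftonline.com"
            next
        end
    next
end

# Point the policy at the custom profile instead of the built-in one.
config firewall policy
    edit 10
        set ssl-ssh-profile "custom-deep-inspection"
    next
end
```

Option 2 is the narrowest change: everything else on the policy stays under flow-based deep inspection, and only traffic to the exempted FQDN bypasses decryption, so it is the one to prefer when the failing sites are known and few.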

  • In Google Chrome:
    • Disable ML-KEM support OR disable PostQuantumKeyAgreementEnabled.
    • Disabling ML-KEM is possible on a per-browser basis by going to chrome://flags and disabling Use ML-KEM in TLS 1.3 (#use-ml-kem).
    • Disabling PostQuantumKeyAgreementEnabled is possible via Chrome Enterprise Policy or Windows Group Policy: PostQuantumKeyAgreementEnabled.
      • Note: The PostQuantumKeyAgreementEnabled Enterprise Policy is specified by Google to be a temporary measure, so it will only be available 'through the end of 2024' (see 'Update Google Play Services to fix issues with on-device passwords' for more information).
      • While this is not a long-term solution, this is a valid workaround for addressing website access issues for Chrome users today who are using Flow-based TLS Deep Inspection on the FortiGate.
  • In Microsoft Edge:
    • Disable the flag called 'TLS 1.3 post-quantum key agreement' in edge://flags.
  • Use Mozilla Firefox or the Chromium web browser instead.


Long-Term Resolution (as of 11/18/2024):


The problem is under active investigation as part of Known Issue #1097642. Fixes are being assessed as part of new IPS Engine builds for FortiOS 7.0, 7.2, 7.4, and 7.6 at this time. The issue has been fixed on the following IPS Engine interim versions:


  • 7.0 IPSE 7.0189.
    • No additional information at this time.
  • 7.2 IPSE 7.0353.
    • Note that IPSE 7.0353 is scheduled for a phased rollout via FortiGuard Distribution Network starting from November 19th, 2024, which means that FortiGates running FortiOS 7.2.0 and later 7.2 patch releases will automatically receive this IPS Engine build throughout November (refer to CSB-241115-1 on the Fortinet Support site for further information).
  • 7.4 IPSE 7.0555.
    • Note that FortiOS 7.4.6 is currently targeting a release window between December 10th to 12th, 2024, so the updated IPS Engine build may also be included with the firmware upgrade (further information will be available upon release).
  • 7.6 IPSE 7.01026.
    • Note that FortiOS 7.6.1 is currently targeting a release window between November 26th to 28th, 2024, so the updated IPS Engine build may also be included with the firmware upgrade (further information will be available upon release).


Note that these IPS Engine versions are undergoing testing by Fortinet QA before they are officially released to the public (either via FortiGuard or bundled with FortiOS firmware releases). A ticket can be opened with Fortinet TAC to receive and test the above IPS Engine versions before their official rollout.


Related articles: