- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- ERR_SSL_PROTOCOL_ERROR on Google Chrome
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ERR_SSL_PROTOCOL_ERROR on Google Chrome
We are having a bizarre problem since updating to 6.2.1 (we updated due to a memory leak issue in 6.2.0).
Certain sites are giving us a ERR_SSL_PROTOCOL_ERROR only in Google Chrome. I have tried all the usual troubleshooting for this error, but the only thing that fixes it is restarting the fortigate. Two sites (facebook.com and login.renweb.com) both use TLS 1.3, but we can get to facebook without a problem and we cannot get to the other site. After rebooting the device, it works for several days and then starts behaving poorly again.
Other browsers work fine, including Internet Explorer, Edge (not Chromium based) and Firefox.
I have attempted to disable SSL certificate inspection, but that does not seem to affect the problem one way or another. I also tried putting the fortigate back on its factory certificate.
My next step will be to revert to 6.0 branch, where I did not experience this issue, but I figured I would post first to see if anyone had similar experiences.
Solved! Go to Solution.
2 Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have anybody used curl against theses sites? Inspect the certificate and if you see any stale cert clear them. You can also test in a incognito window and see if the problem exists.
It sounds like a browser issues. FWIW. I check all of those sites from fortios v6.2.3 and see no issues using chrome on windows { Version 78.0.3904.87 (Official Build) (64-bit) }
Ken Felix
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Quick update, I believe we solved the problem, or at least my problem. I haven't fulled vetted this out yet, but so far, so good.
All of my static URL Web Filters end with:
* wildcard block
I changed it to:
[^.] regex block
and now everything works as it should. Wanted to get this out these asap in case it helps anyone.
- « Previous
- Next »
37 REPLIES 37
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try changing the SSL-VPN default port to something other than 443. By default it seems the SSL-VPN process interrupts the HTTPS GUI - I think this is likely only relevant until VDOM's are enabled when the root VDOM will likely mean interfaces are assigned and SSL-VPN will be assigned to non root VDOM interfaces.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
A few days ago, I got the same error in my browser.
There are various reasons due to which your Chrome browser couldn’t establish a secure connection with the server
To fix ERR_SSL_PROTOCOL_ERROR I found a helpful blog on google. Read this https://www.cheapsslshop.com/blog/fix-err-ssl-protocol-error/ guide. I am sure it will really helpful to you
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello dsobrinho,
I hope you are fine.
I have seen in your post that you have faced this error SSL_ERROR_RX_RECORD_TOO_LONG FIREFOX ERROR in your browser.
Kindly check this article:
https://www.cheapsslshop.com/blog/how-to-fix-the-ssl_error_rx_record_too_long-firefox-error/
I hope this article will help you to solve your problem
Waiting for your positive response.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you tried going to 6.4.7? If this only effects Chrome my guess is it is related to QUIC, have you tried blocking QUIC?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When a browser shows the Err_ssl_protocol_error, it indicates the browser is no longer able to access or initiate the secured communication. There is no definite guide for managing this error. Follow given steps to resolve this error from Client side:
- Try correcting the system date and time.
- Try clearing Google Chrome browsing data.
- Try clearing your SSL State.
- Try disabling the QUIC Protocol.
- Try checking your antivirus settings.
- Try enabling all SSL/TLS versions.
Also, this error is because of the following aerver side problems:
- Invalid SSL or SSL is untrusted (self-signed)
- SSL Not installed properly
- Old Technology or SSL/TLS version for encryption
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is the most common issue now and you can solve this issue with very basic steps. I found this blog with step by step solution to avoid this ssl error.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The "ERR_SSL_PROTOCOL_ERROR" in Google Chrome typically indicates a problem with the SSL/TLS handshake process between the browser and the server. This error could also be caused by other factors. If you'd like, you can fix this guide https://www.ssl2buy.com/wiki/how-to-fix-err-ssl-protocol-error which lists every reason why this issue could occur
- « Previous
- Next »
Related Posts
- Setting SSL/SSH inspection profile causes most... 98 Views
- ERR_EMPTY_RESPONSE only using Google Chrome accessing... 3790 Views
- FortiGate dailymotion block about 299 Views
- vm IMAGE 511 Views
- Chrome browser extension error with Forticlient... 1111 Views
Labels
-
FortiGate
6,496 -
FortiClient
1,297 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
413 -
5.6
362 -
FortiAP
332 -
FortiSwitch
331 -
FortiClient EMS
261 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
149 -
6.4
128 -
FortiNAC
104 -
FortiGuard
102 -
FortiGateCloud
87 -
FortiSIEM
86 -
FortiCloud Products
82 -
IPsec
70 -
FortiToken
69 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
58 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
Firewall policy
22 -
FortiConverter
21 -
High Availability
20 -
VLAN
19 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
Routing
12 -
FortiCASB
12 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
FortiAuthenticator
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSL SSH inspection
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
Security profile
5 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Intrusion prevention
3 -
Automation
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
VoIP profile
2 -
Antivirus profile
2 -
Web profile
2 -
Traffic shaping profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Fortinet Engage Partner Program
2 -
trunk
2 -
SDN connector
1 -
4.0MR1
1 -
NAC policy
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
FortiPAM
1 -
Application signature
1 -
Multicast routing
1 -
Authentication rule and scheme
1 -
Zone
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.