ERR_SSL_PROTOCOL_ERROR on Google Chrome

sforbus · ‎08-13-2019

We are having a bizarre problem since updating to 6.2.1 (we updated due to a memory leak issue in 6.2.0).

Certain sites are giving us a ERR_SSL_PROTOCOL_ERROR only in Google Chrome. I have tried all the usual troubleshooting for this error, but the only thing that fixes it is restarting the fortigate. Two sites (facebook.com and login.renweb.com) both use TLS 1.3, but we can get to facebook without a problem and we cannot get to the other site. After rebooting the device, it works for several days and then starts behaving poorly again.

Other browsers work fine, including Internet Explorer, Edge (not Chromium based) and Firefox.

I have attempted to disable SSL certificate inspection, but that does not seem to affect the problem one way or another. I also tried putting the fortigate back on its factory certificate.

My next step will be to revert to 6.0 branch, where I did not experience this issue, but I figured I would post first to see if anyone had similar experiences.

emnoc · ‎01-07-2020

Have anybody used curl against theses sites? Inspect the certificate and if you see any stale cert clear them. You can also test in a incognito window and see if the problem exists.

It sounds like a browser issues. FWIW. I check all of those sites from fortios v6.2.3 and see no issues using chrome on windows { Version 78.0.3904.87 (Official Build) (64-bit) }

Ken Felix

PCNSE

NSE

StrongSwan

View solution in original post

Cibura · ‎02-04-2020

Quick update, I believe we solved the problem, or at least my problem. I haven't fulled vetted this out yet, but so far, so good.

All of my static URL Web Filters end with:

* wildcard block

I changed it to:

[^.] regex block

and now everything works as it should. Wanted to get this out these asap in case it helps anyone.

View solution in original post

kblackmore · ‎08-31-2023

Try changing the SSL-VPN default port to something other than 443. By default it seems the SSL-VPN process interrupts the HTTPS GUI - I think this is likely only relevant until VDOM's are enabled when the root VDOM will likely mean interfaces are assigned and SSL-VPN will be assigned to non root VDOM interfaces.

dsobrinho · ‎07-28-2021

Same problem Vmware version 6.4.6 after deploy vmware and start a basic configuration I have tried to access GUI via Chrome,Firefox,Edge etc and we have SSL problem report in this forum.

nsumner36 · ‎08-31-2021

Have you tried going to 6.4.7? If this only effects Chrome my guess is it is related to QUIC, have you tried blocking QUIC?

irvinborder · ‎01-31-2022

When a browser shows the Err_ssl_protocol_error, it indicates the browser is no longer able to access or initiate the secured communication. There is no definite guide for managing this error. Follow given steps to resolve this error from Client side:

Try correcting the system date and time.
Try clearing Google Chrome browsing data.
Try clearing your SSL State.
Try disabling the QUIC Protocol.
Try checking your antivirus settings.
Try enabling all SSL/TLS versions.

Also, this error is because of the following aerver side problems:

Invalid SSL or SSL is untrusted (self-signed)
SSL Not installed properly
Old Technology or SSL/TLS version for encryption

Aayu · ‎02-17-2025

The "ERR_SSL_PROTOCOL_ERROR" usually occurs due to an invalid SSL certificate or improper server configuration and also results from an SSL/TLS handshake failure. Try clearing your browser cache, checking your system date/time, disabling extensions, or using another browser. If the issue persists, check for expired certificates or server misconfigurations.

There are different steps to fix this error. For a detailed guide, I found this helpful resource:-

https://certera.com/blog/how-to-fix-err-ssl-protocol-error-in-chrome/.

I hope this helps to fix the error!

Cyber Security Expert

ERR_SSL_PROTOCOL_ERROR on Google Chrome

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website