ERR_SSL_PROTOCOL_ERROR after upgrading IPFire from 2.19 to 2.27

Hello,

due to a hrash of our ipfire server, i installed a new one on another pc.
THe old version was 2.19, the new one is 227.
It mostly works fine but sometime some web sites cannot be reached from
our clients (win10 or android tabs and smartphones)
Its most of the time when the client wants to open a site over the http protocol.
In some cases it works when i open the site with the https protocoll but some time
then an ERR_SSL_PROTOCOL_ERROR occurs.

When i use the old one which had the crash (it mostly crashes after ten minutes online), all works fine.

Can anybody help me?

Thanx, Thomas

Do you have a proxy setup?

Hi,

welcome to the IPFire community. :slight_smile:

Could you please post a screenshot or a more detailed log message here? That description is a bit too vague to help you.

Thanks, and best regards,
Peter Müller

Hi,
here is the setup

and part 2.
Sorry its german.

Hi,

thanks for your reply.

The proxy settings look good to me. For the sake of clarity: The “transparent” setting of the proxy does not work with HTTPS destinations, since we cannot intercept them transparently (that’s what HTTPS is for, isn’t it? :wink: ). As described here, it might be a good idea to force clients using IPFire’s web proxy (if possible), by creating firewall rules denying direct traffic to the internet.

What’s in the logs at the time the ERR_SSL_PROTOCOL_ERROR error occurs? Can you reproduce it by something like curl or wget? If so, please post the log messages here so we can see what goes wrong.

Thanks, and best regards,
Peter Müller

1 Like

When a browser shows the Err_ssl_protocol_error, it indicates the browser is no longer able to access or initiate the secured communication. There is no definite guide for managing this error. Follow given steps to resolve this error from Client side:

  • Try correcting the system date and time.
  • Try clearing Google Chrome browsing data.
  • Try clearing your SSL State.
  • Try disabling the QUIC Protocol.
  • Try checking your antivirus settings.
  • Try enabling all SSL/TLS versions.

Also, this error is because of the following server side problems:

  • Invalid SSL or SSL is untrusted (self-signed)
  • SSL Not installed properly
  • Old Technology or SSL/TLS version for encryption