Hello there,

on our shop website many customers using Chrome are getting the following error:

It hinders our current and potential customers from accessing the website.

We are using dedicated certificates from Cloudflare.

I know a topic with the same problem exists already (closed) but the solution there is by no means viable for us.

Is there any possible way to fix this problem from “our” site?

Thanks in advance.

If on SSL/TLS app in your Cloudflare dashboard you disable TLS 1.3 protocol, does the issue resolve for your customers ?

what browsers and browser versions are your customers with issues on ? Could be TLS 1.3 draft vs RFC version difference issue with what is supported by web browser and Cloudflare differing.

Chrome 69 supports TLS 1.3 draft 28 while Chrome 70 release in ~5 days supports TLS 1.3 rfc final. Though Cloudflare’s TLS 1.3 should support TLS 1.3 draft 23, draft 28 and rfc final so shouldn’t matter. Though I have seen some reports of ERR_SSL_VERSION_INTERFERENCE for some of my users of my Centmin mod LEMP stack which uses Nginx/OpenSSL 1.1.1 with TLS 1.3 rfc final too with Chrome. They disabeld TLS 1.3 on web server and that fixed it. So probably same for Cloudflare TLS 1.3 disable in crypto section of your dashboard.

Also check if those visitors are using anti-virus/malware protection software i.e. Avast on their local computers as some have man in the middle (MITM) scanners which may not support the same TLS 1.3 draft/rfc final version that Cloudflare is advertising. So those visitors need to either update their anti-virus software or disable the scanners setting for scanning HTTPS in their software or disable Cloudflare TLS 1.3 for now

Example seems Kaspersky anti-virus is a current app which has issues with TLS 1.3

After some digging around on old posts I found out that turning off scanning encrypted connections from Settings- additional - network - do not scan… works.

1 Like

Hi eva2000,

thanks for your quick response! We are currently testing it.

1 Like

Hi eva2000,

thanks again, it solved the problem.

1 Like

Most of the times ssl version error occurs due to some wrong or altered browser settings, so you must crosscheck following browser settings before making any changes in the site configuration

  1. Reverse all recent proxy changes of your browser
  2. Disable TLS 1.3 from chrome flag settings
  3. Uncheck Automatic Detect option from Internet Options < Internet Properties < LAN Settings < Connection

one of the above setting might fix ssl version error on your site. You can refer to fix ssl error in chrome for step by step instructions on fixing this error on your site.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.