Just a quick question Mabi,
in chrome address bar please type chrome://flags/#tls13-variant
what tells you about TLS and QUIC?
do you have any nonstandard value?
By any chance can you share the (potentially) offending website?
thanks.
On Thu, Aug 13, 2020 at 5:25 AM mabi <mabi@xxxxxxxxxxxxx> wrote:
Hello,
I am using Squid as transparent proxy for HTTP and HTTPS traffic on an OpenBSD 6.7 firewall. Since I have upgraded from Squid version 4.11 to 4.12 my Chrome browser is not able to visit any HTTPS websites. Firefox continues to work fine.
Older versions of Chrome show a ERR_SSL_VERSION_INTERFERENCE error and newer versions of Chrome show a ERR_CONNECTION_REFUSED error.
If I revert back to Squid 4.11 Chrome works again. I have not changed anything in my Squid config or any other configuration file of the firewall.
I believe this issue might have something to do with the following change introduced in 4.12:
2020-05-06 10:09:50 +0300 Christos Tsantilas +199 -28 SslBump: Disable OpenSSL TLSv1.3 support for older TLS traffic (#620)
Source: http://www.squid-cache.org/Versions/v4/changesets/SQUID_4_12.html
Thank you in advance for your feedback.
Best regards,
Mabi
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
---------------------
Erick Perez
Quadrian Enterprises S.A. - Panama, Republica de Panama
Skype chat: eaperezh
WhatsApp IM: +507-6675-5083
---------------------
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
