Just a quick question Mabi, in chrome address bar please type chrome://flags/#tls13-variant what tells you about TLS and QUIC? do you have any nonstandard value? By any chance can you share the (potentially) offending website? thanks.
On Thu, Aug 13, 2020 at 5:25 AM mabi <m...@protonmail.ch> wrote: > Hello, > > I am using Squid as transparent proxy for HTTP and HTTPS traffic on an > OpenBSD 6.7 firewall. Since I have upgraded from Squid version 4.11 to 4.12 > my Chrome browser is not able to visit any HTTPS websites. Firefox > continues to work fine. > > Older versions of Chrome show a ERR_SSL_VERSION_INTERFERENCE error and > newer versions of Chrome show a ERR_CONNECTION_REFUSED error. > > If I revert back to Squid 4.11 Chrome works again. I have not changed > anything in my Squid config or any other configuration file of the firewall. > > I believe this issue might have something to do with the following change > introduced in 4.12: > > 2020-05-06 10:09:50 +0300 Christos Tsantilas +199 -28 > SslBump: Disable OpenSSL TLSv1.3 support for older TLS traffic (#620) > > Source: http://www.squid-cache.org/Versions/v4/changesets/SQUID_4_12.html > > Thank you in advance for your feedback. > > Best regards, > Mabi > > > > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > -- --------------------- Erick Perez Quadrian Enterprises S.A. - Panama, Republica de Panama Skype chat: eaperezh WhatsApp IM: +507-6675-5083 ---------------------
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
