I have a website that uses websocket-sharp for client-server communication and has a certificate issued by Let's Encrypt . Other browsers work, but Google Chrome (on Linux) gives the error ERR_SSL_VERSION_INTERFERENCE
in the console. Disabling TLS 1.3 lets users circumvent this error. I am using the latest stable version.
This answer suggests the problem is when Chrome detects "buggy middleware" but I don't know what exactly Chrome is looking for.
This turned out to be a problem with Mono. Mono uses BoringSSL in newer versions but it isn't turned on by default in older versions. On newer Linux distributions you can do export MONO_TLS_PROVIDER=btls
but that didn't work for me because the gcc compiler on CentOS 6 (version 4.4) is too old and doesn't support align
which is necessary to compile BoringSSL.
First I installed gcc 4.8 with instructions from here: https://gist.github.com/stephenturner/e3bc5cfacc2dc67eca8b
wget -O /etc/yum.repos.d/slc6-devtoolset.repo http://linuxsoft.cern.ch/cern/devtoolset/slc6-devtoolset.repo
sudo yum install devtoolset-2
scl enable devtoolset-2 bash
Then I downloaded the latest release package of mono from their website (currently 5.12.0.226): http://www.mono-project.com/docs/compiling-mono/linux/
wget https://download.mono-project.com/sources/mono/mono-5.12.0.226.tar.bz2
tar xvf mono-5.12.0.226.tar.bz2
cd mono-5.12.0.226
./configure --prefix=/usr/local
make
make install
Just in case, I did export MONO_TLS_PROVIDER=btls
too, although I don't think it's necessary, but regardless if you look at the output at the end of ./configure
it should tell you if BTLS is enabled.
This also fixed the same problem with recent Firefox update 60.0.0.2.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.