Chrome Version: 56 OS: Chrome and Windows What steps will reproduce the problem? (1) BlueCoat 6.5 proxy. (2) Chrome OS 56 or Chrome browser 56 (3) Attempt to connect to a Google service (youtube, accounts.google.com, etc. What is the expected result? Successful connection. Client and proxy may negotiate down to TLS 1.2 instead of TLS 1.3. What happens instead? When Chrome attempts to connect via TLS 1.3, BlueCoat hangs up connection. Further details: We have at least one very large customer seeing similar issues against BlueCoat. The connection fails with SSL_HANDSHAKE_ERROR / ERR_CONNECTION_CLOSED. Customer found that restricting to TLS 1.2 via policy resolves the issue for Chrome 56 stable. Net internals logs are at: https://drive.google.com/corp/drive/folders/0B3BtTQPWWixOMk1FNkhMekJnNEU (google.com view only) Other large EDU customers are seeing similar issues and I'm working to gather details from them on proxy / firewall in use. Suspect many are using SSL / TLS inspection which is common among EDUs. Marking this as ReleaseBlock-Stable and P1 as I believe this is breaking Chrome for many customers. Bluecoat version is 6.5 for affected customer.
↧
Google reverts TLS 1.3 support for Chrome because of MITM-Proxies
↧