Can antivirus cause SSL errors?

Yes, antivirus HTTPS scanning (Avast, Kaspersky, Norton) intercepts TLS connections. This can cause errors if the antivirus uses outdated TLS settings.

How do I check a server's TLS version?

Use SSL Labs: ssllabs.com/ssltest. It shows the server's supported TLS versions, cipher suites, certificate chain, and security grade.

Chrome ERR_SSL_PROTOCOL_ERROR — SSL/TLS Handshake Failure

Warningchrome

About Chrome ERR_SSL_PROTOCOL_ERROR

Fix Chrome ERR_SSL_PROTOCOL_ERROR occurring when the SSL/TLS handshake between Chrome and the server fails due to protocol mismatch or certificate issues. This guide covers everything you need to know about this topic, including common causes, step-by-step solutions, and answers to frequently asked questions.

Here are the key things to understand: ERR_SSL_PROTOCOL_ERROR means the TLS handshake failed before an encrypted connection was established. Chrome requires minimum TLS 1.2 — servers still using TLS 1.0/1.1 will fail. The error can occur due to misconfigured server certificates, cipher suites, or TLS settings. Corporate MITM proxies with outdated TLS support can trigger this error. Chrome's certificate transparency requirements can also cause this. Understanding these fundamentals will help you diagnose and resolve this issue more effectively.

The most common reasons this occurs include: Server using TLS 1.0 or 1.1 (deprecated, Chrome requires 1.2+). Server cipher suite not matching any Chrome-supported ciphers. Misconfigured server SSL certificate (wrong chain, expired intermediate). Corporate proxy intercepting HTTPS with an old TLS version. Antivirus HTTPS scanning interfering with the TLS handshake. Identifying the root cause is the first step toward finding the right solution.

To resolve this, follow these recommended steps: Check the server's TLS configuration: use ssllabs.com/ssltest to test the site. Ensure your system clock is correct — wrong time causes certificate validation failure. Disable antivirus HTTPS/SSL scanning temporarily to test. Clear Chrome SSL state: Settings > Privacy > Security > Clear SSL state (Windows). Try another browser (Firefox) to determine if the issue is Chrome-specific or server-wide. If these steps do not resolve the issue, consider consulting additional resources or a qualified professional.

This article is part of our Browser Errors collection on Error Codes Wiki. We provide comprehensive, up-to-date information to help you find solutions quickly.

Quick Answer

What TLS versions does Chrome support?

Chrome supports TLS 1.2 and TLS 1.3. TLS 1.0 and 1.1 were deprecated and removed. Servers must support TLS 1.2 or higher.

Overview

Fix Chrome ERR_SSL_PROTOCOL_ERROR occurring when the SSL/TLS handshake between Chrome and the server fails due to protocol mismatch or certificate issues.

Key Details

ERR_SSL_PROTOCOL_ERROR means the TLS handshake failed before an encrypted connection was established
Chrome requires minimum TLS 1.2 — servers still using TLS 1.0/1.1 will fail
The error can occur due to misconfigured server certificates, cipher suites, or TLS settings
Corporate MITM proxies with outdated TLS support can trigger this error
Chrome's certificate transparency requirements can also cause this

Common Causes

Server using TLS 1.0 or 1.1 (deprecated, Chrome requires 1.2+)
Server cipher suite not matching any Chrome-supported ciphers
Misconfigured server SSL certificate (wrong chain, expired intermediate)
Corporate proxy intercepting HTTPS with an old TLS version
Antivirus HTTPS scanning interfering with the TLS handshake

Steps

1Check the server's TLS configuration: use ssllabs.com/ssltest to test the site
2Ensure your system clock is correct — wrong time causes certificate validation failure
3Disable antivirus HTTPS/SSL scanning temporarily to test
4Clear Chrome SSL state: Settings > Privacy > Security > Clear SSL state (Windows)
5Try another browser (Firefox) to determine if the issue is Chrome-specific or server-wide