Hello,
As the message said the issue is located on negociation side, in order to have more information regarding this connection I would suggest to generate a pcap file whose filter will be : the external IP used by the proxy to connect to internet and the URL concerned. Then when pcap file is generated :
- search for Client Hello and check the cipher/ssl version used for the connection
- and compare it with the information in Server Hello
You will be able to derminate which one prevent you establish the connection.
That is what I would do, if anyone disagree or can give further details, feel free to say it :)
Hope it helps !
Best regards,
Furil
Original Message:
Sent: Oct 14, 2022 02:53 PM
From: Jeff Saunders
Subject: ERR_CONNECTION_RESET and Cipher mismatch for URL through proxy
In Chrome we receive the following errors for a URL:
ERR_CONNECTION_RESET
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Site checks out OK from Qualys SSL Server Test. If we bypass the proxy we can get to the site without issues.
I tried pasting the URL in this window but it just hung the message screen..