ERR_SSL_VERSION_INTERFERENCE with Chrome on android

[arakis]

On Chrome Android, some requests will fail randomly. I could detect, it's the "ERR_SSL_VERSION_INTERFERENCE" error. When disable tls1.3 support in chrome://flags, all works fine.

Any idea what i can do?

[arakis]

As i see, the flag Tls11 and Tls12 is "unsupported" in Mono:

https://github.com/mono/mono/blob/master/mcs/class/System/System.Security.Authentication/SslProtocols.cs

so, i'm wondering what chrome is using than. Maybe only the flag is unsupported, but it's still using >tls1.0 (1.0 is obselete).

[Bobris]

Nowin does not have any own TLS implementation it just uses SSLStream from underlying framework. You could probably has better chance to report it to Mono/NetCore, because I don't really know TLS protocol in needed detail to help fix Mono or reimplement it myself. I still using Nowin in personal projects (old ones), but on Windows and with Caddy Server doing TLS termination and ACME cert updates, especially because I don't have capacity to solve security problems or evolution of such code.

[arakis]

It seems, Mono uses an external unmanaged library for SSL: http://www.mono-project.com/docs/about-mono/releases/4.8.0/ The flag MONO_TLS_PROVIDER=legacy didn't helped. Because i planned to use a load balancer ( https://cloud.google.com/compute/docs/load-balancing/http/ ) i added it now and the proxy simply redirect https to http. Works perfectly.