Fortinet FortiGate and Chromium-based browsers

0

After upgrading Brave to version 1.73.89 (Chromium 131.0.6778.69) and Google Chrome to version 131.0.6778.70, the web GUI of our Fortinet FortiGate is inaccessible. Both browsers display the following error when attempting to access the GUI:

This site can’t provide a secure connection
[REDACTED] sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

The same goes for Microsoft Edge version 131.0.2903.51. MS Edge version 130.0.2849.80 and older was fine.

Resetting any of these browsers has had no effect.

So far, Firefox version 132.0.2 is more forgiving than the Chromium-based browsers I’ve tried, but how long will this last?

The FortiGate in question has TLS v1.2 set as the minimum supported version, and raising this setting to TLS v1.3 has had no effect.

The solution is to disable ‘TLS 1.3 post-quantum key agreement,’ chrome://flags/#enable-tls13-kyber, and relaunch the browser.

Step by step description on how to disable TLS 1.3 post-quantum key agreement

Disable TLS 1.3 post-quantum key agreement in Chromium-based web browsers

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>