How to Fix NET::ERR_SSL_OBSOLETE_VERSION Warning
Table of Contents
The internet has become an integral part of our lives, enabling secure online transactions and protecting sensitive information. One crucial technology that ensures secure communication is SSL/TLS. However, encountering an error message like “NET::ERR_SSL_OBSOLETE_VERSION” can be frustrating and block access to websites.
In this article, we will explore the causes behind this error and provide solutions to overcome it.
Google Chrome, Mozilla Firefox, Microsoft Edge, and other major browsers constantly update their security rules to ensure safer web browsing for their users. This includes deprecating outdated and unsafe SSL/TLS certificates that can be exploited and expose visitors’ information. Thus, you are likely to see the ERR_SSL_OBSOLETE_VERSION warning when visiting websites using older TLS versions such as TLS 1.0 and TLS 1.1.
When a website uses a deprecated and insecure SSL/TLS certificate, browsers block the connection to protect visitors from potential security risks such as data theft, stolen credit card information, etc.
What is SSL vs. TLS?
SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are cryptographic protocols that establish secure connections between clients and servers. They encrypt the data transmitted over the internet, ensuring it remains confidential and protected from unauthorized access.
Secure Socket Layers (SSL) is the predecessor of TLS and has been widely used to secure web communications. SSL operates similarly to TLS, providing encryption and authentication. It utilizes cryptographic algorithms and digital certificates to secure the communication channel. However, SSL has been deprecated in favor of TLS due to vulnerabilities found in its older versions.
Transport Layer Security (TLS) is a widely used protocol that ensures the confidentiality, integrity, and authenticity of data transmitted over a network. It operates on top of the TCP/IP transport protocol suite and encrypts data during transmission. TLS provides a secure connection by using cryptographic algorithms and establishing a handshake process between the client and server.
Due to its improved security, TLS has been universally recognized as the more reliable security protocol and has been replacing the outdated SSL since its introduction in 1999. Although the term SSL is still popular and widely used, current SSL certificates are, in fact, based on TLS.
Causes of the NET::ERR_SSL_OBSOLETE_VERSION Warning
Several issues can lead to the warning. Below are the most common ones.
Outdated SSL/TLS Configuration
Websites that have not updated their SSL/TLS configuration to support the latest secure versions may trigger the error. It is crucial for website administrators to regularly update their SSL/TLS settings to ensure compatibility with modern browsers.
Insecure Cipher Suites
Cipher suites determine the encryption algorithms used in SSL/TLS connections. If a website employs outdated or weak cipher suites, browsers may block the connection, resulting in an error message.
Corrupted or expired browser cache
Occasionally, corrupted or expired cached data may trigger the NET::ERR_SSL_OBSOLETE_VERSION on some websites. Your browser might keep outdated information and recognize a website’s certificate as deprecated.
Antivirus or firewall software
Antivirus and firewall programs keep you safe from many online threats. However, these applications may mistakenly recognize a website’s SSL/TLS certificate as outdated and block you from accessing it.
Browser Incompatibility
Sometimes, the error occurs due to browser limitations. If a website exclusively supports outdated SSL/TLS versions, modern browsers will not establish a connection, recognizing it as insecure.
How to Check Your Site’s TLS Version
Using the latest and most secure TLS version is essential to maintain a safe and encrypted connection for your users. Checking the TLS version is crucial as it helps you establish whether you are using the latest security standards and ensures the protection of sensitive information transmitted over the internet.
By following these steps, you can easily check the TLS version being used by your website in Chrome DevTools.
- Launch your Google Chrome browser and open the website you want to check the TLS version for. Right-click anywhere on the page and select “Inspect,” or press “Ctrl + Shift + I” (Windows) or “Cmd + Option + I” (Mac) to open the Chrome DevTools panel.
- In the Chrome DevTools panel, you will see several tabs at the top. Look for the “Security” tab and click on it. This tab provides information about the website’s security features, including the TLS version.
- Once you’re on the “Security” tab, you will see detailed information about the website’s security status. Look for the “Connection” section, which displays the TLS version being used.
- In the “Connection” section, you will find the TLS version mentioned next to the “Secure” label. It could be TLS 1.2, TLS 1.3, or another version. This information indicates the level of encryption being utilized by the website.
How to Fix ERR_SSL_OBSOLETE_VERSION Warning?
To resolve the “NET::ERR_SSL_OBSOLETE_VERSION” error and establish a secure connection, consider the following solutions:
Update SSL/TLS Configuration
Website administrators should ensure their SSL/TLS configuration supports the latest secure versions. Upgrading to TLS 1.2 or TLS 1.3 is recommended to avoid compatibility issues with the latest versions of web browsers.
If you manage your own server, configure it to support TSL 1.3. Otherwise, contact your web hosting provider to ensure your hosting server is compatible with TLS 1.3.
SiteGround clients can be sure that their websites already use the latest TLS configurations. We have enabled TLS 1.2 and TLS 1.3 on all our servers and disabled the outdated TLS versions 1.0 and 1.1. Read this post for more information about TLS 1.3 and OCSP stapling on SiteGround hosting.
Upgrade Cipher Suites
Implement secure and up-to-date cipher suites on the web server. Disabling weak or outdated cipher suites and enabling strong encryption algorithms will enhance compatibility with modern browsers.
Clear Your Browser Cache and Cookies
Clearing your browsing data will flush any expired or corrupted data. This may resolve the NET::ERR_SSL_OBSOLETE_VERSION error.
To clear the cache on Chrome, follow these steps.
- Open Chrome, and click on the three dots menu.
- Navigate to More Tools > Clear Browsing Data.
- Select which types of cached data to remove by checking their boxes. Confirm your choice by pressing Clear data.
If you use another browser, read this guide on how to clear cache and cookies on desktop browsers.
For mobile devices, check the following articles.
Enable HTTP/2
HTTP/2, the successor to HTTP/1.1, offers improved performance and security. Enabling HTTP/2 on the server can help overcome SSL/TLS version-related issues.
SiteGround has implemented HTTP/2 on all servers. For more information, read this post about HTTP/2 on SiteGround servers.
Disable the QUIC protocol in Chrome
QUIC is a network protocol working along HTTP/2 that helps speed up the connection to websites. Many browsers, such as Google Chrome, Microsoft Edge, and Mozilla Firefox, support QUIC. However, this protocol may not be compatible with some websites. As a result, you may see the NET::ERR_SSL_OBSOLETE_VERSION visiting such websites.
Disable the QUIC protocol on your browser and revisit the problematic website to check if the error is gone.
To disable QUIC on Chrome, follow these steps.
- Open Chrome and type the address:
chrome://flags/
- Find the option Experimental QUIC protocol, and from the drop-down menu, select Disabled.
Temporarily Disable Your Antivirus and Firewall Software
Check if your antivirus or firewall application is triggering the NET::ERR_SSL_OBSOLETE_VERSION message by disabling it. After the program is disabled, visit the problematic website to check if the error is resolved. If this is the case, check the program’s settings, contact its support team, or consider switching to an alternative program.
To disable the firewall on Windows, open the Windows menu in the lower left corner. Go to Settings > Updates & Security > Windows Security > Firewall & network protection. Choose one of the networks and turn off the switch for Microsoft Defender Firewall.
On Mac, open System Settings > Network > Firewall. Turn off the slider for Firewall.
Contact Website Administrator
If you encounter the “NET::ERR_SSL_OBSOLETE_VERSION” error on a website you do not control, reach out to the website administrator or support team. They may be unaware of the issue and can take the necessary steps to resolve it.
Conclusion
Encountering the “NET::ERR_SSL_OBSOLETE_VERSION” error can be frustrating, but understanding its causes and solutions can help overcome the issue. In general, you should follow a few fundamental principles:
- Keep the SSL/TLS configuration up to date.
- Implement secure cipher suites.
- Ensure compatibility with modern browsers to maintain secure connections on websites.
By staying proactive and addressing these concerns, website administrators can provide a safe browsing experience for their visitors and avoid the ERR_SSL_OBSOLETE_VERSION error.
FAQs about ERR_SSL_OBSOLETE_VERSION
Can I bypass the “NET::ERR_SSL_OBSOLETE_VERSION” error and still access the website?
It is not recommended to bypass NET::ERR_SSL_OBSOLETE_VERSION as it indicates potential security risks. However, if you trust the website and understand the risks involved, you can proceed at your own discretion.
Why do browsers block connections with obsolete SSL/TLS versions?
Browsers prioritize user security and block connections with obsolete SSL/TLS versions to prevent potential vulnerabilities and attacks. Using outdated SSL/TLS versions can compromise the confidentiality and integrity of data transmitted over the internet.
Are all SSL/TLS errors related to “NET::ERR_SSL_OBSOLETE_VERSION”?
No, SSL/TLS errors can have various causes. “NET::ERR_SSL_OBSOLETE_VERSION” specifically relates to the use of outdated or insecure SSL/TLS versions.
Read this guide on SSL errors to find more information about the different types of SSL-related errors.
Can I fix the “NET::ERR_SSL_OBSOLETE_VERSION” error on my own?
If you are the website owner or administrator, you can fix the error by updating SSL/TLS configurations and ensuring compatibility with modern browsers. For websites you do not control, reaching out to the administrator or support team is the best course of action.