I have a HAProxy / stunnel server that handles SSL for our sites on AWS. During testing, I created a self-signed cert on this server and hit it from my desktop using Chrome to test that stunnel was working correctly.
Now I have installed the legitimate cert on that server. When I hit the site from my machine in Chrome it throws the following error:
Error 113
(net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH):
Unknown error.
My guess is that Chrome cached the key for the self-signed cert and it doesn’t match that of the legitimate cert. This site works in all other browsers on my machine so it’s just a Chrome problem.
One interesting note: When hitting the page from a incognito session (Ctrl+Shift+N), it works correctly. So it is clearly some sort of cache thing.
I did all the things I could think of (dumped my cache, deleted certs from the Personal and Other People page in the Manage Certificates dialog, Ctrl+F5, etc.).
My machine is Windows 7 x64. Chrome version: 12.0.742.91.
On the Google Chrome Help Form, there is a description of what sounds like the same issue; however, no resolution is found.
UPDATE: It seems to have “fixed itself” today. I hate problems like this. I still don’t know what caused it or how it resolved itself. Presumably the cached cert expired or something, but I am still interested to know where this information is stored and how to verify it.
Best Answer
Chrome stores SSL certificate state per host in browser history.
So just clear browser history (
Ctrl+Shift+Del), at least the following parts:Solution 2. If the above doesn't help, try this:
chromebackground processes%USERPROFILE%/AppData/Local/Google/Chrome/User Data/CertificateTransparency