The users of my website are seeing intermittent ERR_SSL_PROTOCOL_ERROR
when making cross domain requests to api.flickr.com
By intermittent I mean that I've seen this happen 4 times out of ~1200 requests to the api yesterday.
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR https://api.flickr.com/services/rest/?method=flickr.photos.getInfo&api_key=.....
My site is and AngularJS application running on Google App Engine and is exclusivley avalable on HTTPS.
sslchecker shows that my site's certificate & certificate chain is installed correctly. Well, I think it looks ok!
sslchecker for api.flickr.com
shows that ROOT 1
of the certificate chain is missing. Is that the problem? Is there any way around that for me?
Any other ideas? Is the problem that our certificates are issues by different authorities maybe?
Edit - Some other possibly relevant info gleaned from google analytics
When the date of your computer is not in sync with the date of the server that you're trying to access you'll face the problem of ERR_SSL_PROTOCOL_ERROR on your Chrome browser. The way to fix this is easy – just adjust the date of your system to current date and then try opening the site. You won't face any problem.
Fix ERR_SSL_PROTOCOL_ERROR by disabling QUIC Protocol By default, the QUIC protocol is enabled in Chrome. To disable it, copy chrome://flags/#enable-quic and paste it into the address bar, hit enter. On top of your screen, the Experimental QUIC Protocol would have been set as Default. Disable it and relaunch Chrome.
As the name suggests, an SSL protocol error occurs when a web browser is unable to establish a secure connection. Of course, this happens on an SSL certificate enabled website. When this error occurs, you would see the following error message.
Persistent SSL Protocol Errors may be caused by problems like
the destination server expects a different protocol (e.g. SSLv1, SSLv2, SSLv3)
a violation of a security policy (e.g. some servers don't honor certificate requests made from client)
Firewall impedance filtering / ciphering
Intermittent SSL Protocol Errors are very hard to diagnose. They can be the result of expired session, expired key, connectivity hiccup, lost packets, etc
Even worse, they can be caused by Server Side issues like date-time sync, server connection pool full, etc.
Best practice is to re-send the request: because such issues are often a temporary glitch, and usually succeed at 2nd attempt.
Flickr switched their API to SSL-only on June 27th, 2014 (a little under a year). Their Forum has blown up with SSL related problems since then.
In the past few months many users have reported (check thread) sporadic SSL Protocol Errors.
These Protocol Errors appear across all device types (laptops, desktops, mobile, Linux, Windows, etc) and usually an immediate re-try is successful. The commonality and highly infrequent nature of these problems indicates there is some issue on the host side completely unrelated to anything on the client.
Since a re-fresh or 2nd attempt is usually successful, I suggest trapping the error, and making 1-3 more attempts:
var promise = flickrService.get(...); promise.success(function (data, status, headers, config) { // Big Party }) .error(function(data, status, headers, config) { if (status == 107) { promise = flickrService.get(...); promise.success(function (data, status, headers, config) { // Big Party }) .error(function (data, status, headers, config) { AlertService.RaiseErrorAlert("Flickr temporarily unavailable.Please try again later"); }); } });
If you continue to get a "Protocol Error", then inform the user that Flickr is temporarily unavailable and to try again later.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With