Google Chrome (ERR_EMPTY_RESPONSE)
Posted by Cătălin on Wed, 19 Jul 2017
WHM/cPanel AutoSSL issue with Google Chrome (ERR_EMPTY_RESPONSE)
Today few clients complained about their websites not working in Google Chrome. It seems to be an issue caused by a recent EasyApache 4 update where cPanel included a newer version of OpenSSL to be used with EasyApache, and this version of OpenSSL included some code that uses SSE4.1 or SSE4.2 CPU features. The reason that this problem affects Chrome browsers is because it uses the POLY1305 cryptographic algorithm and this triggers the problem in OpenSSL on the server.
Until EA-6544 is resolved, this issue can be prevented by removing CHACHA20-POLY1305 ciphers from the Apache cipher list, following the next steps:
- Go to WHM >> Home >> Service Configuration >> Apache Configuration >> Gobal Configuration > SSL Cipher Suite and set:
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
- Click Save at the bottom of the options screen
- Rebuild & Restart Apache
The above is the default cipher list without "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305", which are the two ciphers which will trigger the problem at this time. If you are using a custom cipher list, you can remove those two ciphers. After EA-6544 is resolved it should be safe to set the cipher list to the default setting again.
Once this change is made the sites should function normally for all browsers.
Thank you cPanel Support! web
Archives
- May 2023 1
- April 2023 1
- March 2023 3
- January 2020 1
- November 2019 1
- September 2019 1
- April 2018 2
- February 2018 1
- January 2018 3
- December 2017 2
- November 2017 2
- October 2017 2
- September 2017 1
- July 2017 2
- June 2017 2
- May 2017 1
- March 2017 2
- February 2017 2
- January 2017 2
- November 2016 1
- October 2016 4
- August 2016 1
- April 2016 1
- June 2015 1
- May 2015 2
- April 2015 1
- December 2014 1
- October 2014 2
- September 2014 1
- July 2014 2
- June 2014 1
- March 2014 1
- February 2014 2
- January 2014 2
- December 2013 2
- October 2013 2
- September 2013 2
- July 2013 2
- June 2013 1
- March 2013 1
- February 2013 3
- January 2013 1
- December 2012 1
- November 2012 1
- September 2012 1
- August 2012 2
- April 2012 1
- August 2011 2
- July 2011 2
- January 2011 1
- October 2010 5
- August 2010 2
- July 2010 3
- May 2010 1
- April 2010 5
- March 2010 3
- February 2010 2