Windows - ERR_SSL_PROTOCOL_ERROR or outdated or unsafe TLS security settings

duplicati-2.0.5.1_beta_2020-01-18-x64.msi on Windows 10 Enterprise 1903

I’ve tried to uninstall and reinstall, error still happens.

Fresh install, was working fine for about a week - now when launching the web browser from the Duplicati.GUI.TrayIcon.exe to https://localhost:8200/index.html on the local machine

Chrome error:

This site can’t provide a secure connection
localhost sent an invalid response.

• [Try running Windows Network Diagnostics](javascript:diagnoseErrors()).
  ERR_SSL_PROTOCOL_ERROR

Internet Explorer:

Can’t connect securely to this page
This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.
Your TLS security settings aren’t set to the defaults, which could also be causing this error.

Where is the settings for certificates that the Duplicati.GUI.TrayIcon.exe is using or how to turn on logging and how to debug this?

Have been looking at the same today. Does it work when you use an in-private browsing session?

No it doesn’t. Good suggestion! It’s almost like the certificate is missing or something else.

That had worked for me, but I was trying numerous other things beforehand relating to TLS.
I had wondered if it was related to this… Mozilla re-enables TLS 1.0 and 1.1 because of Coronavirus (and Google) - gHacks Tech News

I had also installed Visual C++ 2017 and 2019 redistributable for x86 and x64 earlier and rebooted. Can’t think of any other major changes.

My system received the yesterday

February 27, 2020-KB4537572 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 and Windows Server 1903 RTM and Windows 10, version 1909 and Windows Server, version 1909

and then prior to that was
March 12, 2020—KB4551762 (OS Builds 18362.720 and 18363.720)

My gut feeling is that the .net http security has been updated, just don’t know how to troubleshoot it.

That seems likely.

I don’t have either of those on either end.

In case it helps, my recent updates…

source: Windows Server 2016
19/03/2020 March 17, 2020—KB4541329 (OS Build 14393.3595)
18/03/2020 Adobe Acrobat Reader DC (20.006.20042)
11/032020 KB4540723 Servicing stack update for Windows 10, version 1607: March 10, 2020

destination: Minio S3
22/03/2020 March 17, 2020—KB4541329 (OS Build 14393.3595)
12/03/2020 KB4540723 Servicing stack update for Windows 10, version 1607: March 10, 2020
12/03/2020 KB4524244 Security update for Windows 10, version 1607, 1703, 1709, 1803, 1809, 1903, 1909, Windows Server 2016 and Windows Server 2019: February 11, 2020

Welcome to the forum @DatDamnZotz

Available options are shown here for various programs, however the default is to not use certificates.
Do you know if you ever set that up? If not, attempting to use https instead of http might be the issue.
I can get the errors here if I use https but it’s not there. What happens if you use http://localhost:8200

My results with https://localhost:8200/index.html without setting up for it:

Chrome:

Internet Explorer:

image701×266 8.44 KB

Firefox:

image871×365 14.7 KB

If you can get things going manually, then the question to look at would be why TrayIcon used https.
From a look at the source code (which I’m not familiar with), it looks like certificate options set https.

--hosturl
Supply the url that the TrayIcon will connect to and show status for.

overrides whatever’s computed though, so if manual works, that could be a workaround, if need be.

I feel like a nob. Some how my browser was caching the site as https. Clearing the cookies and cache fixed the issue.

On a side note, yes Certificates are stored in the SQLLite database after loading them up via the switches

--webservice-sslcertificatefile
--webservice-sslcertificatepassword

2020-03-22_20-03-14760×654 27.5 KB

If there is a valid certificate in the sqllite database (server-ssl-certificate) it wil load that and switch to https

Thanks for pushing me to the right answer.