{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 地球回转人心会变 的问题《Intermittent ERR_SSL_PROTOCOL_ERROR error for cros》','https://www.manongdao.com/q-612190.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
The users of my website are seeing intermittent ERR_SSL_PROTOCOL_ERROR when making cross domain requests to api.flickr.com
By intermittent I mean that I've seen this happen 4 times out of ~1200 requests to the api yesterday.
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR https://api.flickr.com/services/rest/?method=flickr.photos.getInfo&api_key=.....
My site is and AngularJS application running on Google App Engine and is exclusivley avalable on HTTPS.
sslchecker shows that my site's certificate & certificate chain is installed correctly. Well, I think it looks ok!
sslchecker for api.flickr.com shows that ROOT 1 of the certificate chain is missing. Is that the problem? Is there any way around that for me?
Any other ideas? Is the problem that our certificates are issues by different authorities maybe?
Edit - Some other possibly relevant info gleaned from google analytics
- Have seen it happen for different OSes - Android, iOS, Windows
- Different browsers - Android, Chrome, Safari
- Different Network Domains
Persistent SSL Protocol Errors may be caused by problems like
the destination server expects a different protocol (e.g. SSLv1, SSLv2, SSLv3)
a violation of a security policy (e.g. some servers don't honor certificate requests made from client)
Firewall impedance filtering / ciphering
Intermittent SSL Protocol Errors are very hard to diagnose. They can be the result of expired session, expired key, connectivity hiccup, lost packets, etc
Even worse, they can be caused by Server Side issues like date-time sync, server connection pool full, etc.
Best practice is to re-send the request: because such issues are often a temporary glitch, and usually succeed at 2nd attempt.
Flickr switched their API to SSL-only on June 27th, 2014 (a little under a year). Their Forum has blown up with SSL related problems since then.
In the past few months many users have reported (check thread) sporadic SSL Protocol Errors.
These Protocol Errors appear across all device types (laptops, desktops, mobile, Linux, Windows, etc) and usually an immediate re-try is successful. The commonality and highly infrequent nature of these problems indicates there is some issue on the host side completely unrelated to anything on the client.
Since a re-fresh or 2nd attempt is usually successful, I suggest trapping the error, and making 1-3 more attempts:
If you continue to get a "Protocol Error", then inform the user that Flickr is temporarily unavailable and to try again later.
This might be the answer, but i'm guessing that this is probably not a client issue, so i would suggest you to update your api's server with that line added in the header :
This should fix the troubles some of your users are facing.