How to fix “ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY”

2 Jun

I created a test environment to check out Ubuntu 18.04 LTS and EasyEngine v3.8. I was glad to see that the latest version of EE includes NGINX 1.14.0, with support for HTTP/2, HTTP/2 Server Push, and gRPC.

However, when I navigated to the test domain pointed at my freshly set up VM, I found my browser would not load the page, with error:

“ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY”

Even though the HTTP/2 standard doesn’t require HTTPS, Chrome and Firefox will refuse to load a resource served with HTTP/2 unless it is through a sufficiently secure connection. I already had my SSL certificate configured, so I knew the problem had to be at the transport layer (I guess I should give SOME credit to the error message here.)

How to fix this error

You’ll need to edit your nginx.conf and beef up the SSL ciphers used for Transport Layer Security.

Remove the list of ancient ciphers to the right of ‘ssl_ciphers’ in your nginx.conf and replace them with the line below.

ECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

Check to see if NGINX is happy with your config by running nginx -t and then restart the service.

Leave a Reply

Your email address will not be published. Required fields are marked *