ERR_SSL_OBSOLETE_VERSION

Chrome ERR_SSL_OBSOLETE_VERSION on old payment gateways

Software – Web Browsers Intermediate 👁 2 views 📅 May 29, 2026

This error pops up on legacy payment sites using old TLS 1.0 or 1.1. Chrome blocks these for security. The fix is to force TLS 1.2 or update the server.

You're trying to pay a bill on an older vendor site—maybe a municipal water bill or a small credit union. Chrome throws up a red screen: ERR_SSL_OBSOLETE_VERSION. The page just won't load. This happens because that payment gateway is still running TLS 1.0 or 1.1—protocols from 1999 and 2006. Chrome 90+ blocks them cold. No workaround in the UI. You can't just click "Proceed anyway." The real fix is either forcing Chrome to use a newer TLS version (if the server supports it) or updating the server itself.

Why you're seeing this

TLS (Transport Layer Security) is how your browser and the server agree on encryption. TLS 1.0 and 1.1 have known vulnerabilities—think BEAST, POODLE, LUCKY13. Chrome decided enough was enough. Since version 90 (released April 2021), it refuses to handshake with servers stuck on those old versions. The error code ERR_SSL_OBSOLETE_VERSION means Chrome detected the server offered a weak protocol and aborted.

Step 1: Check if the server supports TLS 1.2

Before you change anything, verify what the server actually supports. Open a different browser—Firefox or Edge (they still allow older TLS by default). If the site loads there, the server probably does support TLS 1.2 but Chrome is being too aggressive. If it fails everywhere, the server is truly stuck on TLS 1.0—you'll need to contact the site owner.

Step 2: Force Chrome to use TLS 1.2 via a flag (temporary)

This is the quick fix. Type chrome://flags in the address bar and press Enter. In the search box at the top, type obsolete. Look for the flag labeled "Allow insecure and obsolete TLS versions for testing". Click the dropdown next to it and select Enabled. Then click the blue Relaunch button at the bottom. After Chrome restarts, try the payment site again. This flag tells Chrome to accept TLS 1.0 and 1.1 again. Important: This is meant for testing only. Revert it after you're done—go back and set it to Disabled or Default.

Step 3: Force TLS 1.2 via command line (more permanent)

If the flag doesn't work or you want a permanent fix for one site, you can launch Chrome with a command-line switch. Right-click your Chrome shortcut, select Properties, and in the Target field, add this at the end (after a space): --ssl-version-min=tls1.2. It should look like: "C:\Program Files\Google\Chrome\Application\chrome.exe" --ssl-version-min=tls1.2. Click Apply then OK. Launch Chrome from that shortcut. Now Chrome will refuse anything below TLS 1.2—but if the server doesn't support it, the site still won't load. This method is more secure than step 2 because it doesn't enable old protocols; it just sets a higher minimum.

Step 4: Registry fix for IT admins

If you manage multiple machines, use Group Policy or the registry. Open Regedit as Administrator. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome (create the key if it doesn't exist). Create a new DWORD called SSLVersionMin and set its value to tls1.2. Then create another DWORD called SSLVersionFallbackMin and set it to tls1.2. Close Regedit. Restart Chrome. This enforces TLS 1.2 across all profiles.

Step 5: Update the server (the real fix)

If you own the payment gateway, ditch TLS 1.0 and 1.1 entirely. On Apache, edit ssl.conf and set SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1. On Nginx, in the server block, set ssl_protocols TLSv1.2 TLSv1.3;. On IIS, go to Sites > Your Site > Bindings > Edit, and uncheck TLS 1.0 and TLS 1.1. Then restart the web service. Test with SSL Labs to confirm only TLS 1.2+ is advertised.

Still failing? Check these

  • The server is misconfigured—some IIS servers say they support TLS 1.2 but the ciphers are wrong. Use SSL Checker.
  • Antivirus or corporate firewall is intercepting and downgrading the connection. Temporarily disable web protection to test.
  • Chrome's SSL cache is corrupted. Go to Chrome Settings > Privacy and security > Clear browsing data. Check Cached images and files only, then clear. Restart.
  • You're on an outdated Chrome—update to the latest version via chrome://settings/help.

Bottom line: ERR_SSL_OBSOLETE_VERSION isn't a Chrome bug—it's a server problem. The flag gets you through once, but the real fix is on the server side. If you're the admin, update your TLS. If you're the user, push the vendor to update. That's the only permanent solution.

Was this solution helpful?

ERR_SSL_OBSOLETE_VERSION Chrome SSL error TLS 1.0 blocked legacy payment gateway SSL fix obsolete SSL version Chrome security error SSL handshake failed payment site not loading Chrome enable TLS 1.2 Chrome registry fix Chrome SSL