Google Chrome Error Code ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY: How to Fix It

Medium 15-30 minutes Medium Severity Verified June 2026
Summarize with ChatGPTSummarize with ClaudeSummarize with Perplexity Add as Preferred Source on Google
Error Code
ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY
Brand
Google Chrome
Product Type
browser
Severity
Medium
DIY Difficulty
Medium
Estimated Fix Time
15-30 minutes
The ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY error in Google Chrome means the website you are trying to visit is using HTTP/2 but its SSL/TLS configuration does not meet the minimum security requirements that Chrome enforces. This typically happens when a server uses an outdated or weak cipher suite, an insecure TLS version, or a misconfigured certificate that fails Chrome's strict HTTP/2 security standards. In most cases this is a server-side issue, but there are several browser-side steps you can try to resolve it on your end.
Ad

Tools You'll Need

How to Fix Error Code ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY

  1. Reload the Page and Try a Different Browser

  2. Clear Chrome's SSL State and Cache

  3. Disable HTTP/2 Experiments in Chrome Flags

  4. Force Chrome to Use HTTP/1.1 for the Site (Temporary Workaround)

    Only do this for sites you trust. Disabling HTTP/2 globally reduces performance across all browsing. Remove this flag once the underlying server issue is resolved.

  5. Update Google Chrome to the Latest Version

  6. Check for Antivirus or Security Software Interference

    Only temporarily disable antivirus HTTPS scanning for testing purposes. Re-enable it immediately after your test to maintain your system's protection.

  7. Contact the Website Administrator

Ad

When to Call a Professional

If you own or manage the web server that is triggering this error, you will need a qualified system administrator or web hosting support team to update the server's TLS/SSL configuration. This involves editing server config files (such as nginx.conf or Apache's ssl.conf), updating cipher suite lists, enabling TLS 1.2 or 1.3, and disabling weak protocols — tasks that require server-level access and expertise. If you are just a visitor to the affected site, there is little more you can do beyond the browser-side steps above; contact the site owner and ask them to fix their SSL/TLS configuration.

Frequently Asked Questions

What causes ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY in Chrome?
This error is caused when a website uses HTTP/2 but its server's SSL/TLS setup does not meet Chrome's minimum security requirements. Common causes include the server using outdated cipher suites (such as RC4 or NULL ciphers), TLS 1.0 or 1.1 instead of TLS 1.2 or 1.3, or a misconfigured certificate chain. Chrome enforces strict security standards for HTTP/2 connections per RFC 7540, and any deviation triggers this error.
Is ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY a problem with my computer or the website?
In most cases it is a server-side (website) problem. The web server hosting the site needs to update its TLS configuration to use strong, modern cipher suites approved for HTTP/2. However, antivirus software that intercepts HTTPS traffic or corrupted Chrome SSL cache can sometimes cause this error on your side, so it is worth trying the browser-side fixes first.
How do I fix ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY on my own web server?
On your web server, update your SSL/TLS configuration to disable weak cipher suites and protocols. Enable TLS 1.2 and TLS 1.3, and configure only strong cipher suites that are approved for HTTP/2 (see RFC 7540 Appendix A for the blacklist to avoid). For nginx, update your ssl_ciphers and ssl_protocols directives. For Apache, update SSLProtocol and SSLCipherSuite. After making changes, restart your web server and test with SSL Labs at ssllabs.com/ssltest/ to confirm.
Can I bypass ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY in Chrome?
There is no click-through bypass for this error like there is for some certificate warnings. However, you can use the '--disable-http2' command-line flag when launching Chrome to force it to use HTTP/1.1, which avoids the HTTP/2 security check. This is a temporary workaround and is not recommended for regular browsing because it reduces performance and security across all sites. The proper fix is for the web server to update its TLS configuration.
Why does this error only appear in Chrome and not in other browsers?
Chrome enforces stricter security requirements for HTTP/2 connections than some other browsers. Other browsers may fall back to HTTP/1.1 automatically or apply less strict cipher suite requirements, allowing the page to load without error. This does not mean the other browsers are more secure overall — Chrome is simply more aggressive about enforcing the HTTP/2 security specification as defined in RFC 7540.

Related Error Codes