ChromeDriver ERR_SSL_PROTOCOL_ERROR despite --ignore-certificate-errors

This error message...

This site can’t provide a secure connection app sent an invalid response. ERR_SSL_PROTOCOL_ERROR

...implies that the ChromeDriver was unable to initiate/spawn a new WebBrowser i.e. Chrome Browser session on your localhost.

As you are seeing this issue on your local host (with no HTTPS) as per this comment a blind fold solution would be to add the argument --allow-insecure-localhost through chromeOptions() as follows:

'goog:chromeOptions': {'args': ['--allow-insecure-localhost'],            'extensions': []}

However your main issue seems to be with the capabilities where you have set platform being set s ANY as follows:

{'acceptInsecureCerts': True,'browserName': 'chrome','goog:chromeOptions': {'args': ['--ignore-certificate-errors'],            'extensions': []},'platform': 'ANY','version': ''}

As per WebDriver - W3C Living Document the platformName section mentions, the following platform names are in common usage with well-understood semantics and, when matching capabilities, greatest interoperability can be achieved by honoring them as valid synonyms for well-known Operating Systems:

Key         System---         ------"linux"     Any server or desktop system based upon the Linux kernel."mac"       Any version of Apple’s macOS."windows"   Any version of Microsoft Windows, including desktop and mobile versions.

Note:This list is not exhaustive.

When returning capabilities from New Session, it is valid to return a more specific platformName, allowing users to correctly identify the Operating System the WebDriver implementation is running on.

So instead of passing "platform":"ANY" within the desiredCapabilities object, a more specific "platform":"linux" will be more desirable approach.

You can find a relevant and related discussion in Curl error thrown for http POST to /session with params: {“desiredCapabilities”:{“browserName”:“chrome”,“platform”:“ANY” with Selenium and PHPUnit

Some more information about the ChromeDriver, Chrome and Selenium Client vrsion would have helped us to analyze the issue in a better way. However as per ChromeDriver history the following issues related to handling of certificate errors were addressed in the last few releases of ChromeDriver:

• Allow handling certificate errors via DevTools: As the headless chrome cannot show a UI warning for SSL certificate errors a fix was released to expose the errors as DevTools events and control the action to take through a DevTools command.
• Provide ability to handle certificate errors in Chromedriver/Selenium for headless: Earlier certain security related options that was controlled via CLI switches in the UI version of Chromium (like --ignore-certificate-errors) were silently ignored and can only be set via devtools. So it was necessary to override and handle certificateError events on the browser-target DevTools client. A fix was released implementing the usage of the new DevTools method to override certificate error handling browser-wide which allowed ignoring certificate errors in headless mode too.
• Global certificate error handling via DevTools: Previously DevTools allowed handling certificate errors for individual targets / WebContents, but when a new target was created (e.g. clicking on a target=_blank link), it was not often not possible to send the Security.enable / Security.setOverrideCertificateErrors commands quickly enough before a navigation is attempted. A fix was published with a simpler "ignore all cert errors" mode instead deprecated the old override command in favor of a new setIgnoreCertificateErrors command which also exposes the Security domain on the browser target to facilitate applying this override globally for the whole browser.

Conclusion

• Ensure that the following arguments/capabilities are added:
  • --allow-insecure-localhost
  • acceptInsecureCerts
  • --ignore-certificate-errors
• As you are using 'chromedriverVersion': '74.0.3729.6' ensure that you are also using 'chrome': '74.0' (as per ChromeDriver v74.0.3729.6 Release Notes)
• Ensure that you are using the latest released Selenium v3.141.59 clients.

According to Fix "Aw, Snap!" page crashes and other page loading errors - Computer - Google Chrome Help (expand the "Page loading error codes and issues" section), Chrome gives ERR_SSL_PROTOCOL_ERROR for ANY SSL-related error. This includes:

• certificate errors
• connection parameters negotiation failures (e.g. TLS version and stream encryption to use)
• protocol violations by the peer

Since you can't get any more details from Chrome, opening the page in another app (e.g. Firefox or with openssl s_client) could give you more details on what's happening.

Sniffing packets with e.g. Wireshark can show the initial stages of the connection including the negotiation stage; if the server is yours (so you have its private key), you will also be able to decrypt the encrypted parts -- which would give you the full picture.

You are requesting the page through HTTP and not HTTPS. Chrome will not connect to an insecure HTTP server.

This is causing the TLS/SSL negotiation to fail.

You need to make sure your server is running HTTPS on TCP port 8000.

With the --ignore-certificate-errors option you can generate a self-signed certificate and apply that to the web server.

Then change the url line to use HTTPS.

app_login_url = 'https://app:8000/accounts/login/'