ChromeDriver ERR_SSL_PROTOCOL_ERROR despite --ignore-certificate-errors

This error message...

This site can’t provide a secure connection app sent an invalid response. ERR_SSL_PROTOCOL_ERROR

...implies that the ChromeDriver was unable to initiate/spawn a new WebBrowser i.e. Chrome Browser session on your localhost.

As you are seeing this issue on your local host (with no HTTPS) as per this comment a blind fold solution would be to add the argument --allow-insecure-localhost through chromeOptions() as follows:

'goog:chromeOptions': {'args': ['--allow-insecure-localhost'],
            'extensions': []}

---

However your main issue seems to be with the capabilities where you have set platform being set s ANY as follows:

{'acceptInsecureCerts': True,
'browserName': 'chrome',
'goog:chromeOptions': {'args': ['--ignore-certificate-errors'],
            'extensions': []},
'platform': 'ANY',
'version': ''}

As per WebDriver - W3C Living Document the platformName section mentions, the following platform names are in common usage with well-understood semantics and, when matching capabilities, greatest interoperability can be achieved by honoring them as valid synonyms for well-known Operating Systems:

Key         System
---         ------
"linux"     Any server or desktop system based upon the Linux kernel.
"mac"       Any version of Apple’s macOS.
"windows"   Any version of Microsoft Windows, including desktop and mobile versions.

Note:This list is not exhaustive.

When returning capabilities from New Session, it is valid to return a more specific platformName, allowing users to correctly identify the Operating System the WebDriver implementation is running on.

So instead of passing "platform":"ANY" within the desiredCapabilities object, a more specific "platform":"linux" will be more desirable approach.

You can find a relevant and related discussion in Curl error thrown for http POST to /session with params: {“desiredCapabilities”:{“browserName”:“chrome”,“platform”:“ANY” with Selenium and PHPUnit

---

Some more information about the ChromeDriver, Chrome and Selenium Client vrsion would have helped us to analyze the issue in a better way. However as per ChromeDriver history the following issues related to handling of certificate errors were addressed in the last few releases of ChromeDriver:

• Allow handling certificate errors via DevTools: As the headless chrome cannot show a UI warning for SSL certificate errors a fix was released to expose the errors as DevTools events and control the action to take through a DevTools command.
• Provide ability to handle certificate errors in Chromedriver/Selenium for headless: Earlier certain security related options that was controlled via CLI switches in the UI version of Chromium (like --ignore-certificate-errors) were silently ignored and can only be set via devtools. So it was necessary to override and handle certificateError events on the browser-target DevTools client. A fix was released implementing the usage of the new DevTools method to override certificate error handling browser-wide which allowed ignoring certificate errors in headless mode too.
• Global certificate error handling via DevTools: Previously DevTools allowed handling certificate errors for individual targets / WebContents, but when a new target was created (e.g. clicking on a target=_blank link), it was not often not possible to send the Security.enable / Security.setOverrideCertificateErrors commands quickly enough before a navigation is attempted. A fix was published with a simpler "ignore all cert errors" mode instead deprecated the old override command in favor of a new setIgnoreCertificateErrors command which also exposes the Security domain on the browser target to facilitate applying this override globally for the whole browser.

---

Conclusion

• Ensure that the following arguments/capabilities are added:
  • --allow-insecure-localhost
  • acceptInsecureCerts
  • --ignore-certificate-errors
• As you are using 'chromedriverVersion': '74.0.3729.6' ensure that you are also using 'chrome': '74.0' (as per ChromeDriver v74.0.3729.6 Release Notes)
• Ensure that you are using the latest released Selenium v3.141.59 clients.

According to Fix "Aw, Snap!" page crashes and other page loading errors - Computer - Google Chrome Help (expand the "Page loading error codes and issues" section), Chrome gives ERR_SSL_PROTOCOL_ERROR for ANY SSL-related error. This includes:

• certificate errors
• connection parameters negotiation failures (e.g. TLS version and stream encryption to use)
• protocol violations by the peer

Since you can't get any more details from Chrome, opening the page in another app (e.g. Firefox or with openssl s_client) could give you more details on what's happening.

Sniffing packets with e.g. Wireshark can show the initial stages of the connection including the negotiation stage; if the server is yours (so you have its private key), you will also be able to decrypt the encrypted parts -- which would give you the full picture.