When I connected using Chrome it sent 14 cipher suites and had TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) as the top one, so it shouldn’t have had a problem connecting using that cipher suite.
The protocol progression was:
TLSv1.2 - Client Hello
TLSv1.2 - Server Hello
TLSv1.2 - Certificate
TLSv1.2 - Server Key Exchange
TLSv1.2 - Server Hello Done
TLSv1.2 - Alert (Level: Fatal, Description: Decode Error)
TLSv1.2 - Alert (Level: Fatal,Description:Decode Error) Client Hello, Alert (Level: Fatal, Description: Unexpected Message)
TLSv1.1 - Client Hello
TLSv1.1 - Encrypted Alert
You can see my client is responding with fatal alerts (Decode Error and Unexpected Message). Also, it looks like Chrome is trying to reconnect using TLSv1.1, but that will not work with http2 as TLS1.2+ is required.
EDIT: It’s weird though, b/c for me this ONLY happens using Chrome. I’m starting to think that we are experiencing two separate issues. I could be wrong though.