When visiting a website if you are facing ERR SSL VERSION OR CIPHER MISMATCH error, then primarily it’s not your fault as an end user. It can happen with any browser including Chrome, Firefox, Internet Explorer or Edge browser. It means that the website is using an SSL certificate which the browser is rejecting because the certificate has a problem. In this guide, we will share some tips to fix this error.
The usual error message reads as follows:
A secure connection cannot be established because this site uses an unsupported protocol, Error code ERR_SSL_VERSION_OR_CIPHER_MISMATCH
That said, it is also possible that the downloaded certificate on your PC is corrupted or your PC configuration for TSL/SSL is misconfigured.
Let us see what you can do about it!
1] Can you access the website with HTTP?
Try to access the website with the only HTTP in the start. Do not use Https, and if you see the same problem, the problem is with the website. If you are we website owner, you need to check for two things:
- Is your SSL certificate name mismatching? Make sure the name and alias of the websites match with the actual website URL where the certificate is installed.
- Is your server using RC4 Cipher? If yes you need to fix that.
As a website owner, you also need to check if your CDN also supports SSL. Most of the CDN now supports SSL, and all you need is to configure it correctly. While the website delivers content over SSL, if the rest of the data is not over SSL, this error might show up.
2] Enable SSL 3 / TLS and Disable QUIC Protocol
If you are using Chrome, then make sure to follow the protocol fixes for SSL3/TLS and QUIC which are some of the reasons to cause the SSL version / Cipher Mismatch. It also includes few fixes for Windows 10 PC where you can clear your certificates, make sure your computer time and date is in sync with your timezone and so on.
For Edge and Internet Explorer please follow the steps as mentioned below:
- In the search box, type Internet, and you should see Internet Options, in the result.
- In the Internet Properties window, switch to the Advanced tab, and scroll down to the Security section.
- Check the Use TLS 1.1 and User TLS 1.2 check boxes, and then click OK.
For Firefox, type about: config in your address bar, and hit Enter.
- Type TLS in the search field, and double click on security.tls.version.min
- Set the integer value to 3 to force protocol of TLS 1.3
- Click OK, and restart Firefox browser.
Repeat same for SSL and so on.
Let us know if any of these fixes helped you to resolve this error.