Cloudflare All-time-classic: How to fix Error code: SSL_ERROR_NO_CYPHER_OVERLAP

The same question keeps popping up every year:

Just to be closed without ever writing down the solution that made the staff close the ticket in the first place.

I am using the Cloudflare Business plan, and I get (like so many other Cloudflare customers) this error:

Secure Connection Failed

An error occurred during a connection to some.domain.com. Cannot communicate securely with peer: no common encryption algorithm(s).

Error code: SSL_ERROR_NO_CYPHER_OVERLAP

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the website owners to inform them of this problem.

Sure, the answer should just be in the other posts…but isn’t.

How do I fix this error?
I tried the FAQ (SSL/TLS – Cloudflare Hilfe-Center) but it does not even mention the word “universal”…so maybe the FAQ is also broken?

Wow, interesting!
I am sorry to hear that one.

May I ask in which web browser you get this error?

I assume you already looked at the below two, right?

And also this one too?:

  1. Was the IP address of the origin host / server changed in between? (changing hosting provider, new server, new IP due to being blacklisted, etc.)
  2. What does it state under the SSL/TLS → Edge Certificates tab of the Cloudflare dashboard in your Cloudflare account for your domain name? Is the SSL certificate provisioned (active, enabled, deleted, pending) or not?
  3. Did you purchase a dedicated one (like Advanced Certificate Manager), or are you using your own which is installed at your origin host / server (like Let’s Encrypt, or one purchased from NameCheap, etc.)?

When was it? Can you try to contact Cloudflare support again and may I ask you to post your ticket number here, if so?

  1. Which minimum TLS version is set in the Cloudflare dashboard? And which TLS versions / ciphers does the origin host / server support?

  2. Kindly see the articles below on how to properly set up SSL for your domain …

Furthermore, here is a way to re-check whether you correctly set up SSL for your domain with Cloudflare:

If any other issues appear, follow the needed steps for troubleshooting from article below:

Regarding available SSL options at Cloudflare dashboard, check here:

In case you do not have an SSL certificate, you can use Cloudflare SSL. If so, kindly make sure you follow the instructions in the article below to set up an SSL certificate using a Cloudflare CA Origin Certificate:

Last but not least, kindly have a look here for more information regarding correct SSL settings:

2 Likes

Thank you very much.

I turned off “universal” yesterday and still see no changes at all. Maybe I need to wait a little longer…it is not 24hrs yet.

Firefox still gives me:

Secure Connection Failed

An error occurred during a connection to sub.sub.domain.xy Cannot communicate securely with peer: no common encryption algorithm(s).

Error code: SSL_ERROR_NO_CYPHER_OVERLAP

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

and Chrome says:

This site can’t provide a secure connection

sub.sub.domain.xy uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Hide details

Unsupported protocol

The client and server don’t support a common SSL protocol version or cipher suite.

My SSL encryption mode is FULL. SSL Recommender is on. The Edge Certificates tab now says “No Certificates”, Always Use HTTPS is off, HSTS is off, min TLS is 1.0, TLS 1.3 is enabled, Automatic HTTPS Rewrites is on, CT monitor is on, Universal SSL is disabled.

Any ideas?

Cloudflare Universal Certificates cover only one level of subdomain. If you need more than that you can subscribe to Advanced Certificate Manager, or upload a Custom SSL Certificate on Business or Enterprise plans.

1 Like
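The coverage rule from the reply above, as an added example that is not part of the original thread. It assumes a Universal certificate names the zone apex plus one `*.` wildcard (the zone `domain.xy` and the hostnames are the thread's placeholders; the function names are hypothetical) and applies standard wildcard matching, where `*` stands for exactly one leftmost label.

```python
"""Check which hostnames a certificate's names cover (constructed example)."""


def name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate name against a hostname, label by label.

    A wildcard is honoured only as the entire leftmost label and stands
    for exactly one label, so *.domain.xy never matches a.b.domain.xy.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    if p_labels[0] == "*":
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def covering_name(cert_names, hostname):
    """Return the first certificate name covering hostname, or None."""
    for name in cert_names:
        if name_matches(name, hostname):
            return name
    return None


def universal_names(zone: str):
    """Assumed name list of a Universal certificate: apex + one wildcard."""
    return [zone, "*." + zone]


def report(zone, hostnames, extra_names=()):
    """Map each hostname to its covering name (None = nothing covers it)."""
    names = universal_names(zone) + list(extra_names)
    return {h: covering_name(names, h) for h in hostnames}


if __name__ == "__main__":
    # Constructed sample input using the thread's placeholder names.
    hosts = ["domain.xy", "sub.domain.xy", "sub.sub.domain.xy"]
    for host, name in report("domain.xy", hosts).items():
        print(f"{host:20} {name or 'NOT COVERED'}")
    # With an additional certificate that names the deeper wildcard:
    print(report("domain.xy", hosts, ["*.sub.domain.xy"]))
```

A hostname that maps to `None` needs an additional certificate (Advanced Certificate Manager or a custom upload, as the reply says) before the edge has anything to present for it.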

Welp…still no luck.

Universal SSL is off. Testing on a domain like sub.domain.yx

Error:
Secure Connection Failed

An error occurred during a connection to sub.domain.xy. Cannot communicate securely with peer: no common encryption algorithm(s).

Error code: SSL_ERROR_NO_CYPHER_OVERLAP

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.

Any suggestions?

Two settings finally fixed this.

First I had to disable Universal SSL, wait 24hrs, re-enable Universal SSL. This led to another error (ERR_TOO_MANY_REDIRECTS). That could only be solved by doing SSL Full (strict).

Thanks for the help @fritex

1 Like

I am happy to assist you 🙂
