What is the name of the domain?
*.your-mon.com
What is the error message?
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
What is the issue you’re encountering
Universal Edge Certificates issued by Google since July 24th are broken. Websites visitors report ERR_SSL_VERSION_OR_CIPHER_MISMATCH error in Google Chrome and similar errors in other browsers on the devices where the browser can not be updated.
What steps have you taken to resolve the issue?
This was a wide known problem with Let’s Encrypt Certificates at Cloudflare proxy (any Let’s Encrypt certificates generated at the origin server were not affected) that Cloudflare used shitty ECDSA ciphers instead of widely supported RSA and the only step to fix this bug was manually switching Certificate Authority from lets_encrypt to google (only available via API /ssl/universal/settings request). After latest renewal of the certificate the Google certificate also uses ECDSA SHA256 instead of RSA SHA256 without any possibility to switch it.
Was the site working with SSL prior to adding it to Cloudflare?
Yes
What is the current SSL/TLS setting?
Full (strict)
What are the steps to reproduce the issue?
Add the domain
Enable Cloudflare proxy
Create 2 Edge Certificates - Google (Universal) as Primary and Let’s Encrypt as Backup (not vice versa)
Before July 24th this configuration worked.