Edge Certificate validation


I have a problem concerning the SSL for my Cloudflare account, when I put cloudflare live the website gives this error: err_ssl_version_or_cipher_mismatch, I understand it’s because the SSL certificate is not validated yet. After 24 hours it still says Pending validation as status, I followed instructions by disabling the universal SSL, wait 5 minutes and enable it again but after a couple of days now it still is pending validation. Can anyone help with this?

As I need my website live I paused my Cloudflare account during this process.

I created a ticket as well, ticket id is #2155153.

Regarding this error, kindly re-check this possible solution if the domain was recently added to Cloudflare from below.

May I ask have you had an SSL certificate already installed at your host/origin server before moving to Cloudflare?

What SSL options have you got selected under SSL tab/settings page at your Cloudflare dashboard?

Moreover, kindly try clearing your Web browser cache and restarting your router.

If you go to SSL/TLS > Edge Certificates in your Cloudflare dashboard, you may see the certificate showing the certificate as ‘Pending Validation’ rather than ‘Active’:

It can take up to 24hrs for the free Universal SSL certificate to provision, if it has been longer than that, try disabling and re-enabling Universal SSL to restart the process. More info and further steps to take in Community Tip - Fixing ERR SSL VERSION OR CIPHER MISMATCH in Google Chrome and Community Tip - Best Practices For Certificate Provisioning .

Thanks for ticket number. Maybe @cloonan could take a look, if so.

Thanks for your reply.
Yes I already had a SSL certificate through the partner of Cloudflare Siteground, sorry should have mentioned this before. I also got to Cloudflare via Siteground where the website is hosted.

On advice of Siteground I selected Full as encryption mode. The SSL/TLS recommender is also on.

I also already tried clearing the web browser cache but that didn’t work as well.

Under the Edge Certificates tab I selected the following options:
Always use HTTPS: ON
HTTP Strict Transport Security (HSTS): Not enabled (button says enable)
Minimum TLS Version: TLS 1.0 (default)
Opportunistic Encryption: OFF
TLS 1.3: ON
Automatic HTTPS Rewrites: ON
Certificate Transparency Monitoring: OFF
Disable Universal SSL: button says disable universal SSL

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.