I have activated my domain at my cloudflare account. But then i get the error “ERR_SSL_VERSION_OR_CIPHER_MISMATCH” for the page “” but the URL without “www” is working “https://abc.mydomain.tbd

I have used the search and I have done this steps (but without success): Community Tip - Fixing ERR SSL VERSION OR CIPHER MISMATCH in Google Chrome

Somebody know a solution for that?

Thanks. I have turned of now th SSL/TLS encryption mode to "Off (not secure). But as long we use “Let’s Encrypt” on our server then we don’t need the SSL/TLS encryption mode from Cloudflare anyway? Or do I miss something?

You do need SSL on Cloudflare as well, as that covers the proxies. If you turn it of you cant use HTTPS. You need certificates on both sides, your server and Cloudflare.

Hi Sandro

Thanks for your answer. But this way should work to use let’s encrypt instead cloudflare ssl?:

  1. Login into CF and select domain you want to work with.
  2. Select “ Crypto ” top menu option
  3. Under SSL select - Full
  4. Set Always use HTTPS to ON
  5. On HSTS section - Enable HSTS
    Max-Age: 3 months
    Include subdomains: Off (change as you wish - read up on it)
    Preload: Off
  6. Set to Minimum TLS Version to TLS 1.2
  7. Opportunistic Encryption: ON
  8. TLS 1.3: ON
  9. Automatic HTTPS Rewrites: On
  10. Disable Universal SSL (again read up) by doing this you are no longer using CF SSL certs and use only Certs served by your server

No, that wont work. If you proxy you need a valid certificate and your encryption mode should actually be “Full strict”. If you dont proxy, none of that will apply and requests will go straight to your server and hence only the LE certificate will be applicable.

Ok, thank you. I have ordered now the certificates at cloudflare.

This topic was automatically closed after 30 days. New replies are no longer allowed.