I am getting the ERR_SSL_VERSION_OR_CIPHER_MISMATCH when using Chrome v49 on windows XP when accessing via https, but other browsers such as firefox works fine.
I did not have this issue before migrating my DNS NS from godaddy to cloudflare.
After investigating further, I found that the problem arises only when put the traffic through cloudflare (orange cloud icon). The error do not occur if I use DNS only (grey cloud icon).
I have added below to my nginx settings but have determined the root cause is not at NGINX level, as soon as I enable cloudfront on the CNAME and A records, my site would get the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error irrespective of what I have on NGINX. It is not even getting as far as reaching my server.
ssl_protocols SSLv2 SSLv3;
ssl_ciphers “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW +3DES 3DES !MD5 !EXP !PSK !SRP !DSS !RC4”;
I have also tried turning the SSL settings on “Full” and “Full strict” but still the same, issue not resolved.
From various sources I see that old cipher is not supported (see below) on old chrome browsers.
I then tested on browserstack with winXP and chrome (v38) and can replicate the issue, however I am wondering if anyone can tell me how to resolve this if I make use of cloudflare?
I see other sites using cloudflare doesn’t have this issue so perhaps it is something that I have not configured correctly?
Any help would be much appreciated!