Got an for some domain CIPHER_MISMATCH?

Hello unfortunately i got ERR_SSL_VERSION_OR_CIPHER_MISMATCH on cloudflare
It’s show something like below :

Unsupported protocol
The client and server don't support a common SSL protocol version or cipher suite.

I’m work with mutliple domain assume example1.com and example2.com.
example1 and example2 has same configuration except for the server_name and their cert/private pem of course.

example1 are work great.
But example2 is shown ERR_SSL_VERSION_OR_CIPHER_MISMATCH

I’m using Nginx for webserver and Cloudflare real Ip at my config.
I’ve done clear SSL state and cookie and browser caches.
I’m also use SSLshoper to check certificate but seem’s only at example2 has fail.

Thank you.

Do you see SSL certificate active under TLS > Edge Certificates? If no, give it sometime.
image

1 Like

Hi @bayudwiyansatria,

Sorry to hear about the issues you are having with your SSL connection,

As @user3996 mentioned – a helpful place to check is to see if there is an active SSL certificate deployed to CF’s edge;

If there just so happens to be an active certificate, one other thing to note is whether there is an SSL certificate in use on your origin server – if there is, then you will want to make sure your SSL setting (Found under the TLS/SSL section your Cloudflare dashboard) is set to either “Full” or “Full (strict)” which is what will allow CF to complete an End-To-End SSL connection to your origin, if needed.

Let us know if this helps!

Best,
Peter

2 Likes

Hi user3996,
Thank you for answer.
Yes the edge certificate is active and expired on 2021. But the SSL stil shown ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Hi @Peter-CF,
Thank you for reaching out.

TLS/SSL is set to “Full” which encrypts end-to-end using a self signed certificate on my server.

Set min TLS version to lowest and then test again.

Also if you can share site URL it would be helpful in debugging.

1 Like

@user3996

I’m sorry to hear that, somehow i couldn’t share the URL since it development server. So there so much hole there especially on web services and maybe some data are accessible.

TLS 1.0 are the minimum and as default.
Yeah i’ve set it to TLS1.0.
Still nothing happend.

ping example.com

Do you see Cloudflare IP or own Development server IP?

Which browser are you using?

1 Like

Yes is using cloudflare IP, already proxied.
Microsoft Edge, Google Chrome, also test it SSL Shopper.

Please consult Cloudflare support team via email support [at] Cloudflare dot com. You need to share domain name to receive help. Without it I personally have no idea what’s going on there.

Sorry, I can’t be more of help in this regard.

Hi @bayudwiyansatria,

Just to check that you used the :search: and found the ERR_SSL_VERSION_OR_CIPHER_MISMATCH #CommunityTip?

This has all the most common possibilities for why you would see this error and may help you troubleshoot, if you can’t share the domain.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.