Ssl version or cipher mismatch error

subdomain.domain.com gives error
ERR_SSL_VERSION_OR_CIPHER_MISMATCH

What is your SSL/TLS security setting?

Full strict

This is the domain
status.cinemadeck.com

First this (due to my browser’s settings)


Then this

What is the minimum allowed TLS version (default is 1.0)?
Also, do you have a vaild SSL certificate?

TLS version is set to default 1.0 and I have a universal cloudflare certificate

Hi @user4176,

Your domain uses Cloudflare’s nameservers, but doesn’t appear to be proxied. This means that the error you are getting comes directly from your origin server. Once you’ve fixed it there, you can then consider proxying the hostname/unpausing Cloudflare.

1 Like

Is it active?

I have unproxied the domain because the same error was there when the domain was proxied

Do you get the error when it’s proxied?

Yes it is active

Yes, because the error is still there, it means it’s not caused by Cloudflare but comes directly from your server.

I am using squadcast.com for status page and have been talking to their support for a long time they tell me that they have checked everything and there is not a problem from their end

Is the IP address ending in 78 theirs? If so, the problem can’t be coming from anywhere else since the record currently points directly to them.

Sucuri labs returns these results


isitdownrightnow.com returns these results
image

Yes the ip ending with 78 is theirs

Then as @domjh said, the records are the issue, try changing those records to “DNS only” if possible!

The cname records are alread pointed “DNS only”

As you can see from this, you have a CNAME to status.squadcast.io which resolves directly to that .78 IP. Cloudflare isn’t involved here and it must be something on their end, I’m afraid.

$ dig status.cinemadeck.com

; <<>> DiG 9.10.6 <<>> status.cinemadeck.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28333
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;status.cinemadeck.com.		IN	A

;; ANSWER SECTION:
status.cinemadeck.com.	300	IN	CNAME	status.squadcast.io.
status.squadcast.io.	300	IN	A	34.138.40.78

;; Query time: 376 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Oct 27 15:41:51 BST 2021
;; MSG SIZE  rcvd: 99
1 Like

The same record works when I point it to a different subdomain but when I point it to this subdomain it gives me the ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Error

As pointed out several times, this is a hosting issue. They have not properly configured the server for that particular hostname.