Good questions and sorry about the runaround answers you’re working with. Ugh. The best bet always is to have a site working with ssl in place prior to starting with cloudflare and then using the full (strict) setting for end-to-end encryption. You’re midway in the process now, however so the key to to fix that error. It may be a simple setting on your dashboard, what is the ssl setting currently?
To debug: The error “ERR_SSL_VERSION_OR_CIPHER_MISMATCH" in Google Chrome prevents access to the site because it detects an issue with creating a valid connection to your site. This may be a temporary issue, and should resolve itself within 24 hours. If not, grey-cloud/deactivate Cloudflare so that the website uses the origin’s SSL certificate, see How do I temporarily deactivate Cloudflare? Activate Cloudflare again in 24 hours and try to access your website to see if the SSL certificate has been successfully deployed.
Other successful troubleshooting suggestions and more details about the error can be found in this Community Tip.
WRT how to verify the certificate on the new origin server, you can use this command to test:
$ curl -svo /dev/null --resolve example.com:443:123.123.123.123 https://example.com/
(replace 123 with the IP of your new server, example.com
with your domain)
If you see an error SSL certificate problem: self signed certificate in certificate chain
, it means you’re probably set to full(strict) and don’t have a valid certificate on the origin to support that setting. Great Tutorials on this as well that are worth checking out.
Let us know if you continue to see issues after trying these tips, we’re happy to help further. And, can you share the domain name here?