Website not working and show ssl error

Hello community,

Before two days two of my websites shows the below error

SSL_ERROR_NO_CYPHER_OVERLAP

To let you know:

  • Each website is on different server
  • I disabled the universal SSL
  • Both of them have Let’s encrypt SSL
  • This error shows on ever browser (Chrome,Mozilla, Safari)
  • I tried all the ssl modes (no ssl, flexible, strict, full strict)
  • I purged the cache from cloudlfare and browsers also
  • I tried from diferrent computers from different networks

When i click on pause cloudflare then the website works perfect

I can’t find any solution anywhere as most of forums talk about clearing mozilla history etc.

You should never do that. You should only use Full Strict.

That’s the issue, you need to enable that.

1 Like

Thanks for your answer, a I said i tried everything. The universal ssl was enabled during the problem, so i tried to disable it but no results.

I tried all the methods for SSL but still nothing. Also, i was waiting for many hours but nothing changed.

Currently i paused the cloudflare and works fine but if i try to re-enable it then i receive the error

What is the domain and keep it paused?

One of the websites is [Preformatted text](https://novisors.gr/)

Now the cloudflare is enabled and you will see the problem

Ehm

It’s paused now

Can you post a full page screenshot of https://dash.cloudflare.com/?to=/:account/novisors.gr/ssl-tls/edge-certificates?

Sure.
Keep note that before two hours i re-enabled the universal SSL cause as i said i disabled it.

You configured an NS entry for _acme-challenge, which prevents the certificate from being issued. Drop that entry.

1 Like

I don’t think it will work because it was enabled when the error appeared.

I don’t know if it helps but i don’t have txt record for the acme_challenge. I use NS record in order to avoid manually re-issue the SSL from the server every three months.

It won’t work until you drop said entry.

Your current setup cannot work right now, if you want a certificate with a longer validity, you can get an Origin certificate.

I have this setup a year now and i never had any problem. Every three months the SSL gets renewed on my server without any problem. This is an unexplained error as i have never changed any settings for more than a year to this domain.

Again, it won’t work because you are actively preventing Cloudflare from issuing the certificate.

Drop the NS entry and the certificate will be issued.

Sorry for the questions but how the plesk will issue the ssl for this domain in order to secure it, if i will drop the ns record?

If you use DNS as authentication, then you will need to configure the necessary entries whenever you get a new certificate.

But again, an Origin certificate may be a lot easier here.

1 Like

You may also want to disable Universal SSL again, wait an hour, and enable it again to get a certificate issued. Cloudflare may not retry now.

1 Like

Well i tried that but nothing changed. So i made an export to the DNS records and then i deleted everything. After importing the DNS records the website is working

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.