April 7, 2020
5min Read
Arief
SSL errors are one of the most common problems encountered by internet users. While the error message in a browser might be quite scary for beginners, this problem is actually quite easy to solve. In this article, we will help you to resolve the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message quickly and effectively.
Every time you try to connect to a website, your browser will automatically check the SSL certificate of the website. Checking the certificate is a way to prove that the accessed website is genuine and has implemented the right protocol to secure your connection.
When the protocol configured on the website’s server appears to be unsafe, your browser will automatically display an error message, such as ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
This message is basically the browser’s way to protect you from accessing unsafe websites.
In addition, the website you’re trying to access may also use an old version of a protocol that has some serious security holes which might endanger your device.
Furthermore, it is important to note that ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message only appears when you try to access websites that use SSL and HTTPS encryption to secure the access and information exchange.
The website that uses these encryptions have a lock icon in the URL bar. It is also worth mentioning that this problem is more likely to occur on Google Chrome and Internet Explorer.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message can be caused by various things, ranging from the incompatibility of one or more SSL certificates with the components on your device to the problems with system security settings such as firewalls and antiviruses that are not properly configured.
Another common cause of this error is QUIC (Quick UDP Internet Connections) protocol.
Moreover, other small things such as old cookies and stacked up browser history can also interfere with the security of the connection.
As we have previously mentioned, while the message looks complicated and bit intimidating for a beginner, it is actually quite easy to fix as long as you know the right methods to deal with it.
There are at least five effective methods that you can try to resolve the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error:
Checking your SSL/TLS certificate might be a good place to start fixing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. If your TLS/SSL certificate is old or broken, you should not be surprised if a lot of error messages appear every time you surf the internet.
To check your SSL/TLS certificate, you can use SSL Labs. This tool will grade your SSL connection and detect if there is any mismatch in a server. It can also inform whether your SSL/TLS is old and needs an update.
Here is an example of an SSL report from Hostinger using this amazing tool:
TSL (Transport Layer Security) provides a secure connection between your browser and the web server. This layer is the direct successor of the SSL technology.
If this feature is disabled, it might be the reason why your browser rejects the certificates of some websites.
Luckily, most of the modern browsers, such as Google Chrome, are already equipped with TLS 1.3 by default.
However, if you have an older version of Chrome, you need to follow these steps to enable your browser TLS support:
chrome://flags
in Chrome’s URL bar, then hit enterHowever, note that this will not be available in the newer version of Google Chrome.
For instance, if you try those steps in Chrome version 80.0.3987.122, you will only find the TLS 1.3 downgrade hardening which functions to “harden” the TLS 1.3 connections and provides downgrade compatibility for the older TLS (set it to default).
QUIC (Quick UDP Internet Connections) protocol is an experimental project of Google that can send simple packages using User Datagram Protocol (UDP) without connection.
Although QUIC is known as an excellent alternative to other well-known security solutions such as TCP, HTTP/2, and TLS/SSL, this protocol often causes the appearance of the mixed-content warning, including ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
Therefore, you may need to disable this protocol to solve the SSL/certificate connection problem. Here are the steps to disable it in Google Chrome:
chrome://flags
in the URL bar and hit enter.Keep in mind that there are other methods to disable QUIC protocol, such as using Application control or Firewall Policy. However, we do not recommend you to use it since these methods require a bit of expertise.
Web history and cache will store data on sites that you have visited in the browser. The data can be text, images, or files. Activating the cache allows you to access web pages faster.
However, storing old cache is a bad habit, especially if the sites you have visited has already updated its system. If you do not delete cache for a long time, it might cause an SSL error and long-term security risks.
Therefore, wiping your device’s cache and restarting your browser sometimes is the best solution to resolve ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
If it does not solve the error, you might need to clear the SSL State in your browser.
Here are the steps to clear SSL State in the latest version of Google Chrome (ver. 80.0.3987.122):
Improper configuration of antivirus and/or firewall can also cause connection security problems that result in the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
Poor configuration can also cause some false alarms that cause a safe website detected as a dangerous site.
Therefore, it is better to leave your firewall settings to default. You can also disable it, but this action may cause critical security problems. Do it at your own risk.
Moreover, if you run antivirus software or any type of security program installed on your computer, the software might have an automatic SSL scanning. Disabling the SSL Scan could help you to get rid of error messages on the website.
The steps to disable an automatic SSL scanning in an antivirus vary. However, if the one you are using has an SSL Scan option, just turn it off.
While we think that the above methods should be enough to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH in your browser, sometimes they might not work because of some shenanigans.
If it happens, we strongly advise you to reinstall your web browser. Do not forget to check your browser version, you may need to update it to the newest one.
Moreover, an older operating system such as Windows XP and Vista has a bigger risk of stumbling upon an SSL error. Thus, you have to update your OS in order to prevent the error. If you already have the latest OS, try checking for the latest major update.
If you happen to get the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message while surfing the internet, there are some things you can do:
Finally, the first thing you need to do while getting an unexpected error message in your browser is to calm down and read the error message carefully.
Most people often freak out when stumbling upon an error like this and forcefully close or restart their browser without paying attention to the message. Whereas, without a proper fix, there is a big chance that the error will occur again, sooner or later.
Leave a reply