Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH

To Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH

There are times when we visit a website that has been running over HTTPS and a series of steps have to be performed between the browser and the web server. This is to ensure that the certificate and the SSL/TLS connection are valid. The TLS handshake is one such form of certification with it being checked against the certificate authority and decryption of the certificate.

The ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error: What is this all about?

Simply put, there are times when the browser does not like what it is viewing. This includes the likes of misconfiguration or even an unsupported version. It is in situations like these that you get the error notification like: 

“ERR_SSL_VERSION_OR_CIPHER_MISMATCH”

Essentially this error prevents the user from accessing a certain site. So, how can this be rectified? Here are some of the solutions

ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error Message
ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error Message

Causes of ERR_SSL_VERSION_OR_CIPHER_MISMATCH

This is a commonly occurring error that occurs when operating in an older or outdated system or browser. But there are various other causes of this error occurring as well and we will try and look into that. For instance, there has been a case of the user trying to migrate to Kinsta from another host and has encountered this error. As the user had been using the latest version of Chrome, hence the issue was reflected within their SSL certificate. Hence, Chrome is protecting the user by not letting the process of upload take place.

There are also other variations of this error and can be displayed as:

  • Error 113 (net::err_ssl_version_or_cipher_mismatch): unknown error
  • The client and server don’t support a common SSL protocol version or cipher suite

Now, let us take a look at some of the details behind each of these errors and their main causes:

Read More-: Sage 50 Installation Problem on Windows 8

The SSL Certificate: Through Check

When you encounter this error, it is recommended that you start by performing an SSL check within the certificate that has been installed on the site. For this, you can utilise the SSL check tool. This can be done with just a few clicks and your check will be done. Likewise, you can also select the option to hide the results from the public, if that is your preference. It will only take you a couple of minutes to scan the sites’ SSL/TLS configuration on your server.

To Check for the Certificate Name Mismatch

The case of the certificate name Mismatch can be due to various reasons:

  • The site does not utilize the SSL but shares the IP address with the other site that might. 
  • There is a possibility that the site no longer exists, yet the IP address is still pointed out by the domain, where the other sites are hosted. 
  • The Content Delivery Network-CDN used by the site does not support SSL. 
  • The domain name alias is for a website that has a different name however the alias has not been included in the certificate.

The other manner to check the current domain name issue within the certificate is to open up the Chrome DevTools within the site. Next, you can right-click anywhere on the site and click on ‘inspect’. Now, click on the Security tab and click on ‘View Certificate. The domain issued will be displayed within the certificate information. In case this does not match the current site then you have an issue at hand. 

Also, while you are at it, you might keep in mind that there are certain Wildcard certificates and other variations. However, for a typical site, the exact match is a must.

The Old Versions of TLS: Take a Check

The other reason for the ERR_SSL_VERSION_OR_CIPHER_MISMATCH is that you might be running an old version of TLS. You need to be running at least TLS 1.2 or a better deal at TLS 1.3. In case you are using the legacy TLS version, then you can fix the error in the notifications in Chrome.

The RC4 Cipher Suite

RC4 Cipher Suite window
RC4 Cipher Suite window

The other reason for the occurrence of this error could be that an RC4 cipher suite has been removed from Chrome version 48. This is not common but can occur within larger enterprise deployments that need RC4. This is generally because everything usually takes much longer to update and upgrade within the bigger and more complex configurations. 

Some of the top security researchers like Google, and Microsoft have recommended that RC4 be disabled. Hence one should make sure that the server configuration has enabled the other cipher suite

To Clear the SSL State in Chrome

Clear the SSL State in Chrome
Clear the SSL State in Chrome

The next important aspect is that you need to clear the SSL state within Chrome. This is much similar to clearing the browser for your Cache. This can also help at times when things get out of sync. In order to get this solution done, here are the steps:

  • Start by clicking on the Google Chrome-Setting icon. 
  • Next, click on Settings 
  • Now click on Show Advanced Settings 
  • Go to NEtwork, 
  • Now click on Change proxy settings 
  • This initiates the Properties dialogue box 
  • Now click on the Content tab
  • Click on ‘Clear SSL state 
  • Click on OK
  • Finally, restart Chrome.

Using the New Operating System

There are times and cases when the old Operating system has fallen out of date and some of the latest technologies like TLS 1.3 and the latest Cipher suites working as browsers have stopped supporting them. This will also result in the latest SSL certs simply stopping working. This was done way back in 2015 when Google Chrome pulled the plug on Windows XP. It is recommended to upgrade to the latest version of Operating systems if needed, like Windows 10 or the current version of Mac OS X.

Temporarily Disable the Anti-Virus

In case all other solutions are un-effective, we recommend to you the temporary disable Anti-Virus option. For this, you need to make sure that no anti-virus program has been currently running. In case it is, then you might want to temporarily disable it. There are cases when antivirus programs create a layer between the browser and the web with the help of their certification. This can lead to certain problems.

Also Read-: Sage Error 1601

Conclusion

So, there you have it people, all you wanted to know on How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH. However, in case you still encounter some issues, you can call our team of experts or drop a mail at [email protected]

Accounting Professionals & Specialized Experts

Want quick help from accounting software experts? Get in touch with our team members who can install, configure and configure your software for you. Proficient in fixing technical issues, they can help you quickly get back to work whenever you encounter an error in Sage software. Our team is available 24/7 365 days to assist you. To get in touch.

Frequently Asked Questions

How does one Fix an Unsupported Protocol?

This category of error such as How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH can easily be fixed by enabling the TLS 1.3. To do this you need to:
🔹 Type ‘chrome://flags’ within the address bar
🔹 Type TLS in the search field

What is meant by ERR_SSL_VERSION_OR_CIPHER_MISMATCH?

This is an error that commonly occurs when the web server does not support the common SSL protocol version. This can also commonly occur in websites that use Cloudflare’s content delivery network and security add-ons.

How to reset the Chrome SSL Certificate?

To do this, you will need to:
🔹 Go to the Google Chrome- Settings icon
🔹 Click on Settings
🔹 Next, click on Show advanced settings.
🔹 Go to the Network 
🔹 Click on Change proxy settings 
🔹 This enables the Internet Properties dialogue box to appear
🔹 Click on the Content tab
🔹 Next, click on ‘Clear SSL state 
🔹 Click on OK
🔹 Now restart Chrome.

Related Posts

Further Reading