A secure web has a lot of many stakeholders. Right from the web administrators who manage websites to consumers who shop online. Security has become a paramount concern nowadays. One of the ways of ensuring this security is to have an SSL (Secure Sockets Layer) for your website. This communicates to the browser that the website you are visiting is secure and safe to visit. But sometimes you may come across an error message that says “ERR_SSL_VERSION_OR_CIPHER_MISMATCH”. What to do in such a scenario? This tutorial will help you with that.
Cause of This Error
An SSL connection is recommended by all the major web browsers. Chrome has made it mandatory for websites to have an SSL certificate to be listed as a secure website. There can be a problem with the SSL certificate on your website. It may be expired. There may be a problem with a secure connection to the website. At such moments, your browser is likely to show this error. All the major browsers show more or less the same error.
How to Fix this Error?
There are several ways you can try to resolve this issue. Here are the most effective ways you can try for yourself:
1. Check Your Internet Connection:
The first thing you need to check for is your internet connection. Check your router, or if the problem is with your ISP, resolve that. Most of the time, a simple check for internet connection can help you save your precious time and unnecessary frustration.
2. Check SSL Certificate:
Perform a SSL Check on the SSL certificate on the website you are visiting. You can do this by using free tools like the ones provided by Qualys SSL Labs. This will check the validity and expiry of the certificate.
3. Check Certificate Name Mismatch
The certificate name mismatch error can occur due to a number of reasons. It may manifest due to some of the following reasons:
- The domain points to the old IP address where another site is hosted. This happens even if the site itself does not exist.
- The site shares the IP address with some other site that uses SSL while the original site does not.
- The content delivery network you use does not support SSL.
4. Check For Old TLS Version
When the TLS version running on the website is old, a certificate error can error. The certificate version should be at least TLS 1.2. If it is older than that, ask your web host to update it. Nowadays TLS 1.3 is in the news.
5. Check RC4 Cypher Suite
The RC4 Cypher suite was removed from Google Chrome version 48 onwards. Some websites still use the RC4 cypher suite, this might be the cause of the error. It is recommended that RC4 be removed.
6. Clear SSL state on Your Computer
Clearing SSL state can solve this error most of the time. It is similar to changing the browser cache.
- Click on the settings icon in your Google Chrome browser.
- Then click “Show advanced settings”.
- Go to “Network” and click on Change Proxy settings. The Internet dialogue box should appear.
- Click on the Content tab.
- Click on the “Clear SSL state” button and click ok.
- You need to restart Chrome
7. Use the Latest Operating System
The security standards for web are constantly changing. Old operating systems do not support these updates. Thus, if you are getting the SSL version cipher mismatch error, you should consider if the operating system you are using is up-to-date or not. If not, update to the latest version.
8. Disable Antivirus Temporarily
Some antivirus software creates a layer of their own certificates which can cause the cipher mismatch error. To be sure that the cause of this problem is your antivirus, try disabling it.
9. Disable Extension
Some browser extensions and plugins can interfere with your connection to your website. It is advisable to try disabling extensions one by one and pinpoint which extension is causing the problem. The next step is to simply disable the extension.
10. Disable QUIC protocol
QUIC is a transport layer network protocol designed by Google. When the QUIC protocol is enabled, Google Chrome sometimes displays this error. To disable the QUIC, follow these steps:
- In the address bar, type, chrome://flags
- Search for Experimental QUIC Protocol
- If it defaults or disabled, then leave it as it is
- Disable it if it is not disabled
We have seen so far 10 ways to solve the SSL version cipher mismatch error. There can be other ways to resolve this error. Do you know one such method we missed in this tutorial? Do let us know in the comments. Your comments help fellow users and your interaction allows us to keep the article updated. Thank you so much. Have a great day!
