The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error is one of the common SSL errors that are encountered by internet users. The issue seems quite scary, especially when you consider that it is related to your data security, but the error is actually quite easy to solve.
If you see this error pop-up on your web browser, don’t worry. With basic troubleshooting techniques, you can easily solve this problem. This article will take you through everything you need to know about this SSL error and the most effective ways to fix it.
What ERR_SSL_VERSION_OR_CIPHER_MISMATCH Means?
Whenever you try to get on a website, your browser automatically checks the SSL certificate of the site to ensure it is safe to use. By checking the SSL certificate, your browser verifies that the website is genuine and has implemented the proper security protocols for the connection.
Sometimes, due to various reasons, as discussed below, the browser might perceive the website to be unsafe and automatically display an SSL error message, such as ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
This is the browser’s way of protecting you from accessing an unsafe website that may be malware or insecure, or the website may be running an old version of the security protocol.
Do note that the ERR_SSL_VERSION_OR_CIPHER_MISMATCH message only occurs when you try to access websites that use HTTPS and SSL encryption to secure the information exchange. Websites that use these show a padlock on the URL search bar, just before the website’s URL.
When Does the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error Occur?
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error is quite common than you think! It typically occurs if you are running an older operating system or haven’t updated your browser in recent months. This problem also occurs when your browser has stacked up old cookies and history, which may be interfering with the security of the connection.
Another reason why this error can occur is if you and the website host are running incompatible SSL certificates or if your device’s firewall and security system are interfering with your connection.
Those aren’t the only reason, though. There have been instances where the issue occurs if you migrate your WordPress site from one host to another.
Remember, this error also shows up as the following:
- Error 113 (net::err_ssl_version_or_cipher_mismatch): unknown error
- The client and web server don’t support a common SSL protocol version or cipher suite
How Do You Fix Unsupported Protocol or Cipher Suite?
As mentioned earlier, the error looks complicated and intimidating, but it is pretty easy to fix it. Here are the most common and effective ways of resolving the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error that may work for you.
Delete Browser Cache and Cookies
One of the easiest ways to fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH error in your browser is to simply clear its cache, cookies, and in some cases, search history.
Your browser’s history and cache store data on sites that you have visited before; this data includes text, files, and images. The reason why browsers rely on such caching is to make the load speed better for the websites you regularly visit.
However, a lot of old caches and history buildup can be a bad thing as it can start interfering with the latest website updates and cause SSL errors and even long term security issues. It is best to wipe your browser’s cache first if you come across the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
Clearing the cache in browsers like Internet Explorer, Google Chrome, and Mozilla Firefox is relatively easy. All you have to do is go to the setting dashboard, find the option Clear Browser Data, select the right options, and click on the Clear Data button.
Check the SSL Certificate
The next method you should try is clearing your browser cache does not work is to verify your SSL certificate. Sometimes, the TLS/SSL certificate may be broken or obsolete, which can cause the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error to show up on your browser.
To check your SSL certificate, we recommend that you use an SSL checker tool like SSL Labs.
An SSL certificate checker tool will analyse and grade your SSL connection and detect any mismatch in the web server. If it finds any discrepancies, it will inform you about them.
Clear the SSL State
In some cases, clearing the cache of the browser may not work. In that case, you can also try clearing the SSL State of your browser.
To clear the SSL State in Google Chrome, you need to go into the advanced settings menu, navigate to Open Proxy Settings.
You will find the ‘Internet properties’ box, then go to the Content tab
Click on Settings, and then click on Clear SSL State.
Disable the Anti-Virus Software Temporarily
As we mentioned above, sometimes, your device’s antivirus software or firewall may also interfere with the SSL connection, especially if they haven’t been configured correctly, resulting in the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. This is because improper configurations can cause false alarms that may make a safe website seem to be dangerous.
The first thing you should do is revert your firewall settings to default. While many websites on the internet may encourage you to disable firewall settings, we recommend against it, as it can cause some serious security problems.
Next, if you use antivirus software, we recommend that you try turning off automatic SSL scanning. Disabling the automatic SSL scanning feature could help you get rid of the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
Check If the Site is Running an Outdated RC4 Cipher Suite
Another reason for the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error could be that the RC4 cipher suite in your Google Chrome version 48 may be outdated. While this issue isn’t common, it could still happen, especially at larger enterprise deployments that rely on RC4.
To try this, all you have to do is a simple version check of your Chrome browser and disable RC4 if it is working. Make sure that your server configuration is enabled with a different cipher suite.
Determine Whether the Site Is Running an Old Version of TLS
Another reason for the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error could be that your webserver runs an older or outdated version of TLS. Ideally, you should be running TLS 1.3, or at least TLS 1.2, on your server.
To check your TLS version, you can use any of the available SSL certificate checker tools. You can find the current version of your TLS under the configuration menu if you use SSL Labs, for instance.
If your TLS version is pre-1.2 on your server, you need to contact your host and request a TLS update. However, if your browser TLS version is outdated, you can update it yourself.
Enable TLS 1.3 on your browser
The latest version of Chrome already uses TLS 1.3, but if you are running an older version, follow these steps to update to ELS 1.3:
- Open Google Chrome
- Type chrome://flags in the URL search bar and hit Enter
- Now, search for TLS
- Set the TLS 1.3 to Enable
Note that this will only work for older versions of Chrome that came before the Chrome version 80.0.3987.122. In the later versions, you will find the TLS 1.3 Downgrade Hardening setting, which is not the same.
Enable All SSL/TLS Versions
Similarly, you can also try enabling all SSL/TLS versions. You can do this as follows:
- Open Google Chrome
- Click on the three dots at the top right corner
- Go to settings and search for network
- Click on the Open Proxy Settings option
- Go to the Advanced tab
- Now, mark all SSL and TLS version
- Hit the Apply button and restart the browser
Check for Certificate Name Mismatch
One of the rarer reasons why the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error may show up is because of a name mismatch in the certificate. The most common reasons for certificate name mismatch include:
- The website does not use SSL certificates but shares the IP address with another site that does
- The site no longer exists, but the domain points to the old IP address that now hosts another site
- The website uses a CDN(Content Delivery Network) that doesn’t support SSL
Fortunately, this issue is relatively easy to fix.
The easiest way to fix certificate name mismatch is by using any of the available SSL certificate analysing tools like SSL Labs, which diagnose the problem for you and offer the right solution.
Disable QUIC protocol
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH can also occur if the QUIC Protocol is enabled in Google Chrome. To disable it, follow these steps:
- In the URL search bar, type “chrome://flags”
- Search for Experimental QUIC Protocol
- If it is not disabled, disable it and restart the web browsers
If none of these solutions fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error, you can always try to reinstall your web browser and extensions. These should be enough to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message that you keep seeing.
If you want to know more about fixing such issues with your web browser and website, stay tuned.