How To Overcome ERR_SSL_VERSION_OR_CIPHER_MISMATCH- Best In 2021

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

SSL error is one of the many errors experienced by internet users. Although the appearance of the message in the browser worries users a little, the steps to solve it are actually quite easy. In this article, we will discuss a quick and effective way to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

Read More: Best Examples Of e-Commerce Websites With Attractive Designs

What is ERR_SSL_VERSION_OR_CIPHER_MISMATCH?

Every time the website is accessed, the browser will automatically check the SSL certificate. This action is one way to prove the authenticity of the website being accessed and whether the website has run the correct protocol to secure the connection.

If the protocol configuration on the website is not secure, the browser will automatically display an error message, for example, ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

In fact, this message is the browser’s way of protecting its users from accessing unsafe websites.

Another cause is the version of the security protocol used. Most likely the version is an older version which will make websites and devices more vulnerable to security threats.

Keep in mind that the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message only appears if the website being accessed has SSL and HTTPS encryption to secure the exchange of access and information.

Websites that enable this encryption have a lock icon in the URL field.

Oh, yes,  this error usually occurs in Google Chrome browser and Internet Explorer.

Why ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error Occurs in Browser?

ERR_SSL_VERSION_OR_CIPHER_MISMATCH error messages are caused by many things, from incompatible SSL certificates on device components to problems with system security settings, such as incorrectly configured firewalls and antiviruses.

Another cause that often triggers this error is the QUIC (Quick UDP Internet Connections) protocol.

Not to forget, other factors such as outdated cookies and accumulated browser history also affect connection security.

How to Overcome ERR_SSL_VERSION_OR_CIPHER_MISMATCH?

Although the appearance of this error message is enough to panic most internet users, the way to solve it is not that difficult.

Here are five ways to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH :

1. Check the SSL / TLS Certificate

The first way to analyze the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error is to check the SSL / TLS certificate. If the certificate used is outdated or damaged, don’t be surprised if there will be many errors popping up every time you access the internet.

Use SSL Labs to check the SSL / TLS certificate.

This tool will check the SSL connection and perform detection on the server to check if there is anything wrong. Not only that, but SSL Labs will also inform you about the validity of SSL / TLS and whether or not it is necessary to renew.

Here’s an example of an SSL report for the Gizmoconcept website created using the SSL Labs tool:

SSL report for the Gizmoconcept

2. Enabling TLS 1.3 Support

As the latest security layer of SSL technology, TSL (Transport Layer Security) creates a secure connection between the browser and the webserver. If this feature is disabled, the browser will reject certificates from some websites. This has led to several problems.

Fortunately, most modern browsers, like Google Chrome, come with TLS 1.3 by default.

However, if you have an old version of Chrome, you must follow these steps to activate TLS browser support:

  1. Open Google Chrome
  2. When chrome: // flags is in Chrome’s URL field, then press Enter
  3. Search for TLS
  4. Enable ( Enable ) TLS 1.3 support

Unfortunately, this option is not available in the new version of Google Chrome.

For example, if you apply the four steps above in Chrome version 80.0.3987.1222, the only option you get is TLS 1.3 downgrade hardening. Its function is to ‘strengthen’ TLS 1.3 connections and allow downgrades in older versions of TLS (set to default).

3. Disabling the QUIC Protocol

The QUIC protocol (Quick UDP Internet Connections) is a Google experimental project that can send simple packages using the User Datagram Protocol (UDP) without requiring a connection.

Although QUIC is known as the best alternative to other security services, such as TCP, HTTP / 2, and TLS / SSL, this protocol sometimes triggers mixed content warnings, including ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

Well, therefore, you should turn it off to solve SSL certificate connection issues. Here are the steps (via Google Chrome):

  1. Open Chrome and type chrome: // flags in the URL field, then press Enter.
  2. You will be directed to the experimental features page. Search for QUIC.
  3. Set Experimental QUIC Protocol to Disable option.
  4. Done!

Another way to turn off the QUIC protocol is to use Application Control or Firewall Policy. However, since using these two methods requires you to be technically aware, we do not recommend them.

4. Clearing Web History / Cache

Web history and web cache will store site data accessed through the browser. This data can be text, images, or files. Enabling cache means speeding up access to web pages.

Unfortunately, the stored data tends to be static and old data. Especially if the site has made several changes, the existing data is not suitable. A persistent cache can cause SSL errors and a long-term security risk.

Clearing cache on the device and restarting the browser will be the best solution to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

If this method doesn’t get rid of the error, clean the SSL State in the browser.

Here are the steps (for Google Chrome version 80.0.3987.122 ):

  1. Hover over the top right corner of the Chrome screen, click the 3 dots, and select Settings.
  2. Scroll down to the Settings area and find and then click on the Advanced option.
  3. Click Open Proxy SettingsThe Internet Properties dialogue box will appear.Open Proxy Settings
  4. Click the Content tab. Ignore other settings tabs.
  5. Click Clear SSL State, then select OK.

5. Disabling Antivirus and Firewall

Antivirus and/or firewall configuration errors can also cause security issues, including ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

The warnings displayed are also fake because a safe website will be detected as a dangerous website.

The solution is to leave the firewall settings as default. Another option is to turn it off, but unfortunately, it can cause serious security problems.

Also, if you install antivirus software or other security programs on your computer, the SSL scan feature will automatically activate. Turn off this feature to get rid of error messages on the website.

While there are many ways to turn off automatic SSL scans, if your antivirus has an SSL Scan option, simply set it to OFF.

What if the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error persists?

Security systems that are too risky can also trigger this error message. We recommend reinstalling the browser and checking the version – whether you need to update it or not.

Older operating systems, such as Windows XP and Vista, are also prone to SSL errors. Update the OS immediately to prevent this. On the other hand, if you have the newest OS, always check for the latest updates.

Conclusion

The following is a summary of how to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH :

  • Check the SSL / TSL certificate. Make sure the version is the most recent. Use the SSL Labs tool to check the version.
  • If the browser version you are using is not the latest, activate TLS 1.3 support.
  • Turn off the QUIC protocol as it can cause SSL errors on some websites.
  • Clear all browser history and cache. It could be that an old configuration in the cache is interfering with the connection.
  • Turn off the antivirus and check the firewall configuration. Make sure all this software is set to default. If your antivirus has an SSL auto-scan feature, turn off that feature.

Don’t panic immediately when the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Chrome error message appears on the browser screen. Do the four methods above to solve it. By applying the right method, the occurrence of this error can be minimized.

Leave a Comment