SSL error is one of the many errors experienced by internet users. Although the appearance of the message in the browser worries users a little, the steps to solve it are quite easy. In this article, we will discuss a quick and effective way to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
What is ERR_SSL_VERSION_OR_CIPHER_MISMATCH?
Every time the website is accessed, the browser will automatically check the SSL certificate. This action is one way to prove the authenticity of the website being accessed and whether the website has run the correct protocol to secure the connection.
If the protocol configuration on the website is not secure, the browser will automatically display an error message, for example, ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
This message is the browser’s way of protecting its users from accessing unsafe websites.
Another cause is the version of the security protocol used. Most likely the version is an older version which will make websites and devices more vulnerable to security threats.
Keep in mind that the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message only appears if the website being accessed has SSL and HTTPS encryption to secure the exchange of access and information.
Websites that enable this encryption have a lock icon in the URL field.
Oh, yes, this error usually occurs in Google Chrome browser and Internet Explorer.
Why ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error Occurs in Browser?
ERR_SSL_VERSION_OR_CIPHER_MISMATCH error messages are caused by many things, from incompatible SSL certificates on device components to problems with system security settings, such as incorrectly configured firewalls and antiviruses.
Another cause that often triggers this error is the QUIC (Quick UDP Internet Connections) protocol.
Not to forget, other factors such as outdated cookies and accumulated browser history also affect connection security.
How to Overcome ERR_SSL_VERSION_OR_CIPHER_MISMATCH?
Although the appearance of this error message is enough to panic most internet users, the way to solve it is not that difficult.
Here are five ways to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH :
1. Check the SSL / TLS Certificate
The first way to analyze the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error is to check the SSL / TLS certificate. If the certificate used is outdated or damaged, don’t be surprised if there will be many errors popping up every time you access the internet.
Use SSL Labs to check the SSL / TLS certificate.
This tool will check the SSL connection and perform detection on the server to check if there is anything wrong. Not only that, but SSL Labs will also inform you about the validity of SSL / TLS and whether or not it is necessary to renew.
Here’s an example of an SSL report for the Gizmoconcept website created using the SSL Labs tool:
2. Enabling TLS 1.3 Support
As the latest security layer of SSL technology, TSL (Transport Layer Security) creates a secure connection between the browser and the webserver. If this feature is disabled, the browser will reject certificates from some websites. This has led to several problems.
Fortunately, most modern browsers, like Google Chrome, come with TLS 1.3 by default.
However, if you have an old version of Chrome, you must follow these steps to activate TLS browser support:
- Open Google Chrome
- When chrome: // flags is in Chrome’s URL field, then press Enter
- Search for TLS
- Enable ( Enable ) TLS 1.3 support
Unfortunately, this option is not available in the new version of Google Chrome.
For example, if you apply the four steps above in Chrome version 80.0.3987.1222, the only option you get is TLS 1.3 downgrade hardening. Its function is to ‘strengthen’ TLS 1.3 connections and allow downgrades in older versions of TLS (set to default).
3. Disabling the QUIC Protocol
The QUIC protocol (Quick UDP Internet Connections) is a Google experimental project that can send simple packages using the User Datagram Protocol (UDP) without requiring a connection.
Although QUIC is known as the best alternative to other security services, such as TCP, HTTP / 2, and TLS / SSL, this protocol sometimes triggers mixed content warnings, including ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
Well, therefore, you should turn it off to solve SSL certificate connection issues. Here are the steps (via Google Chrome):
- Open Chrome and type chrome: // flags in the URL field, then press Enter.
- You will be directed to the experimental features page. Search for QUIC.
- Set Experimental QUIC Protocol to Disable option.
Another way to turn off the QUIC protocol is to use Application Control or Firewall Policy. However, since using these two methods requires you to be technically aware, we do not recommend them.
4. Clearing Web History / Cache
Web history and web cache will store site data accessed through the browser. This data can be text, images, or files. Enabling cache means speeding up access to web pages.
Unfortunately, the stored data tends to be static and old data. Especially if the site has made several changes, the existing data is not suitable. A persistent cache can cause SSL errors and a long-term security risk.
Clearing cache on the device and restarting the browser will be the best solution to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
If this method doesn’t get rid of the error, clean the SSL State in the browser.
Here are the steps (for Google Chrome version 80.0.3987.122 ):
- Hover over the top right corner of the Chrome screen, click the 3 dots, and select Settings.
- Scroll down to the Settings area and find and then click on the Advanced option.
- Click Open Proxy Settings. The Internet Properties dialogue box will appear.
- Click the Content tab. Ignore other settings tabs.
- Click Clear SSL State, then select OK.
5. Disabling Antivirus and Firewall
Antivirus and/or firewall configuration errors can also cause security issues, including ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
The warnings displayed are also fake because a safe website will be detected as a dangerous website.
The solution is to leave the firewall settings as default. Another option is to turn it off, but unfortunately, it can cause serious security problems.
Also, if you install antivirus software or other security programs on your computer, the SSL scan feature will automatically activate. Turn off this feature to get rid of error messages on the website.
While there are many ways to turn off automatic SSL scans, if your antivirus has an SSL Scan option, simply set it to OFF.
What if the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error persists?
Security systems that are too risky can also trigger this error message. We recommend reinstalling the browser and checking the version – whether you need to update it or not.
Older operating systems, such as Windows XP and Vista, are also prone to SSL errors. Update the OS immediately to prevent this. On the other hand, if you have the newest OS, always check for the latest updates.
The following is a summary of how to solve ERR_SSL_VERSION_OR_CIPHER_MISMATCH :
- Check the SSL / TSL certificate. Make sure the version is the most recent. Use the SSL Labs tool to check the version.
- If the browser version you are using is not the latest, activate TLS 1.3 support.
- Turn off the QUIC protocol as it can cause SSL errors on some websites.
- Clear all browser history and cache. It could be that an old configuration in the cache is interfering with the connection.
- Turn off the antivirus and check the firewall configuration. Make sure all this software is set to default. If your antivirus has an SSL auto-scan feature, turn off that feature.
Don’t panic immediately when the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Chrome error message appears on the browser screen. Do the four methods above to solve it. By applying the right method, the occurrence of this error can be minimized.
Mustafa Al Mahmud is the Founder and CEO of Gizmo Concept and also a professional Blogger, SEO Professional as well as Entrepreneur. He loves to travel and enjoy his free moment with family members and friends.