ERR_SSL_VERSION_OR_CIPHER_MISMATCH is a browser error that appears when the client and server cannot agree on a common TLS protocol version or cipher suite during the TLS handshake. The cause is usually server-side: an outdated TLS 1.0/1.1 configuration, missing modern ciphers, or an incorrectly installed certificate that prevents negotiation.
This guide explains what the error means, walks through every server-side and client-side cause, shows you how to tell them apart, and gives concrete diagnostic and repair commands for nginx and Apache, plus browser-side workarounds. It is written for site owners and system administrators.
What ERR_SSL_VERSION_OR_CIPHER_MISMATCH means
When a browser opens an SSL/TLS проверку connection, it sends the server a list of supported TLS versions and TLS cipher suites 2026 in a ClientHello message. The server picks a shared option and replies with ServerHello. If there is no overlap — no common protocol version or no common cipher suite — the handshake aborts and Chrome shows ERR_SSL_VERSION_OR_CIPHER_MISMATCH. Firefox shows SSL_ERROR_NO_CIPHER_OVERLAP; Safari shows "Safari can't establish a secure connection."
The key word is mismatch. This error is not about an expired certificate by itself or a wrong domain — it fails at the very first stage, before certificate validation. The two sides literally could not find a common language for encryption.
Causes of ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Causes fall into two broad groups: server-side (the vast majority) and client-side. Let's cover both.
Outdated TLS versions (1.0 and 1.1)
The most common cause after 2020. Chrome, Firefox, Safari, and Edge have all disabled TLS 1.0 and TLS 1.1 as insecure. If your server is configured to speak only these protocols, a modern browser finds no common version and throws the error. The fix is to enable TLS 1.2 and TLS 1.3 on the server.
Incompatible cipher suites
Even when the TLS version matches, both sides must agree on a specific cipher suite. If the server offers only outdated ciphers (RC4, 3DES, DES, export-grade, or ciphers without forward secrecy) that browsers dropped long ago, there is no overlap. You need a modern list: ECDHE with AES-GCM and ChaCha20-Poly1305.
Weak and legacy ciphers: RC4, 3DES, DES
RC4 is prohibited in TLS (RFC 7465 bans it outright), 3DES is vulnerable to the Sweet32 attack, and export-grade ciphers are a 1990s relic. Browsers removed them from their default lists. A server relying on such ciphers is doomed to mismatch with modern clients.
Certificate problems
Although the error is primarily about protocol and ciphers, a misconfigured certificate can also trigger it: a wrong key format, a certificate/cipher type mismatch (for example an ECDSA key with RSA-only ciphers in the config), or a self-signed or corrupted certificate that stops the server from completing negotiation. An expired certificate usually gives a different error (NET::ERR_CERT_DATE_INVALID), but combined with a restrictive config it can surface as a cipher mismatch.
Server-side or client-side error
The first practical step is to locate the problem. If every user sees the error on every device, it is almost certainly the server. If only you see it on one device but the site loads on your phone over mobile data, the cause is local (an outdated browser, antivirus, system clock, or a corporate proxy). The table below helps you diagnose.
| Cause type | Symptom | How to check | Fix |
|---|---|---|---|
| Server: old TLS | Error for everyone, all devices | openssl s_client -connect host:443 -tls1_2 | Enable TLS 1.2/1.3 in server config |
| Server: weak ciphers | Error in new browsers, old ones work | Check on /en/ssl or SSL Labs | Set a modern ssl_ciphers list |
| Server: certificate | Handshake aborts for all | openssl s_client -connect host:443 -showcerts | Reinstall certificate and chain |
| Client: old browser | Error for one user only | Open the site in another browser/device | Update browser and OS |
| Client: antivirus/proxy | Error disappears without antivirus | Temporarily disable HTTPS scanning | Turn off SSL inspection in the software |
| Client: system clock | TLS errors on many sites | Check the system date and time | Sync the clock via NTP |
How to fix it on the server
If diagnosis pointed to the server, edit your web server configuration to enable current protocols and ciphers. Below are proven settings for nginx and Apache that match Mozilla's recommendations (Intermediate profile).
nginx configuration
In your site's server block, set the protocol versions and cipher list. TLS 1.3 cipher suites are fixed by the standard; for TLS 1.2 we specify ECDHE-first suites:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/ssl/example.com/fullchain.pem;
ssl_certificate_key /etc/ssl/example.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
}After editing, test the syntax and reload nginx:
sudo nginx -t
sudo systemctl reload nginxApache configuration
In your virtual host file (for example /etc/apache2/sites-enabled/example.com.conf) or the SSL config, set:
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateFile /etc/ssl/example.com/fullchain.pem
SSLCertificateKeyFile /etc/ssl/example.com/privkey.pem
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLHonorCipherOrder off
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305
</VirtualHost>Validate the configuration and reload Apache:
sudo apachectl configtest
sudo systemctl reload apache2Verify the result with openssl and curl
Confirm the server now accepts TLS 1.2 and returns a valid cipher. The openssl s_client command shows the negotiated protocol version and cipher suite:
openssl s_client -connect example.com:443 -tls1_2
# Look for: Protocol : TLSv1.2 and Cipher : ECDHE-RSA-AES128-GCM-SHA256For a quick check with curl and a verbose handshake log:
curl -v --tlsv1.2 https://example.com/
# The line '* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256' confirms successHow to fix it in the browser
If the error appears only for you while the site loads on other devices, the problem is client-side. Work through these steps in order:
- Update your browser and OS. Old versions of Chrome or Firefox, or an outdated Windows/Android, may not support modern ciphers.
- Clear the SSL state and cache. On Windows: Internet Options → Content → Clear SSL state. Restart the browser.
- Check the date and time. A wrong system clock breaks TLS on many sites — sync it via NTP.
- Disable antivirus HTTPS scanning. Kaspersky, ESET, Avast, and others intercept TLS and can force incompatible ciphers.
- Check proxy and VPN. Corporate proxies with SSL inspection are a common cause. Disable them temporarily to test.
- Try incognito mode. This rules out interference from browser extensions.
Important: do not try to "re-enable old TLS 1.0/1.1" in the browser as a workaround — it lowers your own security. The right fix is to correct the server.
How to check your site's SSL
Before changing the configuration, it helps to see the full picture: which TLS versions and ciphers the server actually offers, whether the certificate chain is valid, and when it expires. Our free SSL certificate checker shows the negotiated protocol, cipher suite, validity period, and trust chain in a couple of seconds — no local utilities required. It is a fast way to confirm that ERR_SSL_VERSION_OR_CIPHER_MISMATCH is gone after your fixes.
Useful related reading: fixing ERR_SSL_PROTOCOL_ERROR, why the SSL handshake fails, and a comparison of TLS 1.3 versus TLS 1.2.
Frequently Asked Questions
Why did this error appear suddenly on a site that used to work?
Most likely your browser updated and disabled the outdated protocol or cipher your server relied on. Chrome and Firefox gradually remove TLS 1.0/1.1 and weak ciphers. A server that worked yesterday can become incompatible overnight. Update the configuration to TLS 1.2/1.3 with modern cipher suites and access is restored.
Is this my server's problem or my computer's?
Check the site from another device and over mobile data. If everyone sees the error, the server is at fault: old TLS or weak ciphers. If only you see it, the cause is local — an outdated browser, antivirus with HTTPS scanning, a wrong system clock, or a corporate proxy. The table in this article helps you pinpoint the source.
Should I keep TLS 1.0 and 1.1 support for old clients?
No. TLS 1.0 and 1.1 are officially deprecated (RFC 8996) and insecure. Keeping them means leaving a vulnerability open for a negligible share of devices. Modern operating systems and browsers have supported TLS 1.2 for years. Configure TLS 1.2 and 1.3 — that covers all current clients without compromising security.
How do I see which ciphers my server offers?
Run openssl s_client -connect host:443 -tls1_2 and read the Cipher line in the output, or use an online check on the /en/ssl page. It shows the full list of negotiable cipher suites, the protocol version, and a security rating of your configuration — with no tools to install on your computer.
Does reissuing the certificate help?
Only if the original problem was the certificate itself — corrupted, wrong key format, or a type mismatch (ECDSA versus RSA). In most cases ERR_SSL_VERSION_OR_CIPHER_MISMATCH is caused by protocol and cipher settings, not the certificate, so fix ssl_protocols and ssl_ciphers first and keep reissuing as a last resort.