SSL errors are one of the most common problems faced by internet users. In this article, we will help you to solve the error message ERR_SSL_VERSION_OR_CIPHER_MISMATCH quickly and efficiently.


Every time you try to connect to a website, your browser will automatically check that website’s SSL certificate. This process proves that the website visited is secure and has implemented the correct protocol to secure your connection.

When the protocol configured on the website’s server appears to be insecure, your browser will automatically display an error message such as ERR_SSL_VERSION_OR_CIPHER_MISMATCH .


This message is basically the browser’s way of protecting you from accessing unsafe websites.

In addition, the website you are trying to visit may also be using an older version of the protocol that has some serious security holes that can put your device at risk.

Furthermore, it is important to note that the error message ERR_SSL_VERSION_OR_CIPHER_MISMATCH appears only when you are using CloudFlare or trying to access websites that use it.

Websites that use these encodings have a padlock icon in the URL bar.

Websites with SSL certificates and HTTPS encryption often have a lock icon

It’s also important to reiterate that this issue is more likely to occur on Google Chrome and Internet Explorer.

Why does it appear in your browser?

Pine error ERR_SSL_VERSION_OR_CIPHER_MISMATCH can be caused by a variety of reasons, from incompatibility of one or more SSL certificates with components on your device to problems with system security settings such as firewalls and anti-virus programs- withdraw is not configured properly.

Another common cause of this error is the protocol QUIC (Quick UDP Internet Connections).

Furthermore, other small things like old cookies and stacked browser history can also affect the security of the connection.


As we mentioned before, although the message looks complicated and a bit intimidating for a beginner, it is actually quite easy to fix as long as you know the right methods to deal with it. .

There are at least five effective methods that you can try to resolve the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH :

1. Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH error if using CloudFlare

This error most often occurs when you are using CloudFlare on your domain, to fix it you need to login to Cloudflare directly at

Don’t worry if you purchased Cloudflare from Hostinger, once you set it up here you will receive an email with instructions, you can also log in to the original Cloudflare account itself.

Once you’re signed in, you need to follow these steps:

  1. On the Menu bar, select the SSL/TLS button

  2. From there you will see a submenu, you should select Edge Certificates and it should look like the image below:

3. Scroll to the bottom, you will see the button Disable Universal SSL:

Now by default Universal SSL will always be enabled and to fix this you need to disable it, wait a few minutes and you turn it back on enable. So you will see the same display as before as shown in the image below:

4. Once you’ve done the above steps, you can clear the cache from your Cloudflare account. Choose Caching on the menu bar and select the function Purge Everything as shown below:

Once done, wait a few minutes and your website will be back up and up and running

2. Check your SSL/TLS certificate

Checking your SSL/TLS certificate might be a good place to start fixing errors ERR_SSL_VERSION_OR_CIPHER_MISMATCH . If your TLS/SSL certificate is old or corrupted, you shouldn’t be surprised if a lot of error messages appear every time you surf the internet.

To test SSL/TLS certificates you can use SSL Labs.

SSLLabs will classify your SSL connection

This tool will classify your SSL connection and detect if there is any mismatch in the server. It can also notify you if your SSL/TLS is old and needs updating.

Here is an example of an SSL report from Hostinger using this awesome tool:

this is Hostinger's SSL quality in SSLLabs

3. Enable TLS 1.3 Support

TSL (Transport Layer Security) provides a secure connection between your browser and the web server. This class is a direct successor of SSL technology.

If this feature is disabled, it could be the reason why your browser is rejecting the certificate of some websites.

Fortunately, most modern browsers, such as Google Chrome, are already equipped with TLS 1.3 by default.

However, if you have an earlier version of Chrome, you need to follow these steps to enable TLS support for your browser:

  1. Open Google Chrome
  2. Type chrome://flags in Chrome’s URL bar, then press enter
  3. Now search TLS
  4. Set TLS 1.3 support to Turn on

Note, however, that this feature will not be available in newer versions of Google Chrome.

For example, if you try those steps in Chrome version 80.0.3987.122 , you will only see the process downgrade TLS 1.3 which “hardens” TLS 1.3 connections and provides downgrade compatibility for older TLS (set it to default).

4. Disable QUIC . protocol

QUIC (Quick UDP Internet Connections) protocol is an experimental project by Google that can send simple packets using User Datagram Protocol (UDP) without connection.

Although QUIC is known as a great alternative to other well-known security solutions such as TCP, HTTP/2, and TLS/SSL, the protocol often causes mixed content warnings, including ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

Therefore, you may need to disable this protocol to resolve SSL/certificate connection issues. Here are the steps to disable it in Google Chrome:

  1. Open Chrome, then type chrome://flags in the URL bar and press enter.
  2. You will go to the experimental features page, search QUIC .
  3. Put Experimental QUIC protocol Fort Turn off .
  4. Done!

Keep in mind that there are other methods to disable the QUIC protocol, such as using use Application Control or Firewall Policy . However, we do not recommend them as these methods require a bit of expertise.

5. Clear your Web History/Cache

Web history and cache will store data on the web pages that you have visited in the browser. Data can be text, images, or files. Enabling cache allows you to access web pages faster.

However, keeping the old cache is a bad habit, especially if the websites you have visited have updated its system. If you don’t clear the cache for a long time, it can cause SSL failures and long-term security risks.

Therefore, sometimes clearing the device cache and restarting the browser is the best solution lỗi ERR_SSL_VERSION_OR_CIPHER_MISMATCH .

If it doesn’t resolve the error, you may need to clear the SSL Status in your browser.

Here are the steps to remove the SSL Status in the latest version of Google Chrome ( version 80.0.3987.122 ) :

  1. Hover over the right corner of the Chrome screen, click the 3 vertical dots, then select Setting.go to settings in chrome to fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH
  2. Scroll down in the Settings area until you find it option Advanced . Click it.
    select advanced option in chrome settings
  3. Now click Open Proxy Settings . Dialog box Internet properties will appear.
    mở proxy setting trong chrome
  4. Choose tab Content . Ignore settings in all other tabs
    you select the content button to try to fix the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Click Clear SSL status , then press OK .

5. Turn off your anti-virus software or firewall

Improper firewall and/or anti-virus configuration can also cause connection security issues leading to failure ERR_SSL_VERSION_OR_CIPHER_MISMATCH .

Poor configuration can also cause some false alarms that cause a secure site to be detected as a dangerous site.

Therefore, it is better to leave your firewall settings at default. You can also disable it, but this can cause serious security problems.

Furthermore, if you run anti-virus software or any kind of security program installed on your computer, the software may have automatic SSL scanning. Turning off SSL Scan can help you get rid of error messages on your website.

The steps to disable automatic SSL scanning in anti-virus programs vary. However, if the one you are using has an SSL Scan option, just turn it off.

If you can’t fix the error

While we think the above methods are sufficient to fix errors in your browser, sometimes they may not work due to some unknown reason.

If that happens, we strongly recommend that you reinstall your web browser. Don’t forget to check your browser version, you may need to update it to the latest version. Or contact your hosting support team, reputable hosting providers will help you fix the error in a few minutes.

Furthermore, older operating systems such as Windows XP and Vista have a higher risk of SSL errors. So you have to update your operating system to prevent the error. If you already have the latest operating system, try updating it to the latest security update.


If you happen to receive an error message ERR_SSL_VERSION_OR_CIPHER_MISMATCH While surfing the Internet, you can do a few things:

  • Disable and re-enable the item Disable Universal SSL in your CloudFlare account
  • Check your SSL/TSL certificate, make sure you use the latest version. Use SSL Labs to check it.
  • If you use an older browser, you may need to enable TLS 1.3 support.
  • Make sure you have the QUIC protocol disabled as it can cause SSL errors in some websites.
  • Try to clear all your browser history and cache. There may be an old configuration in the cache affecting your connection.
  • Try disabling your anti-virus software and check the firewall configuration, make sure everything is set to default. If your anti-virus software has automatic SSL scanning, disable it.

Finally, the first thing you need to do when you receive an unexpected error message in your browser is to stay calm and read the error message carefully. Most people panic when they stumble across an error like this. To fix the error, carefully review the message and try to correct the error according to the error code you see.

And now, if you have fixed the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH, Please let us know in the comments section how you used to fix the error.


Huy Do. is an expert in managing and operating Website services. He has many years of experience in Hosting, Domain, Technical, CMS. His hobbies are technology, reading, traveling and mentoring young people to start a business.

Categorized as Email

By Nguyen Manh Cuong

Nguyen Manh Cuong is the author and founder of the nguyendiep blog. With over 14 years of experience in Online Marketing, he now runs a number of successful websites, and occasionally shares his experience & knowledge on this blog.

Leave a comment

Your email address will not be published. Required fields are marked *