If you’ve landed here after searching something like “ERR_SSL_VERSION_OR_CIPHER_MISMATCH Chrome bypass”, “unsupported protocol the client and server don’t support a common SSL protocol version or cipher suite”, or even the more straightforward “the client and server don’t support a common SSL protocol version or cipher suite”, don’t panic.
These errors usually pop up when the browser and server can’t agree on how to securely communicate, either due to outdated SSL protocols, deprecated cipher suites, or misconfigured server settings.
The good news?
These issues are fixable. In this guide, we’ll break down what this error actually means, why it happens, and how to resolve it step-by-step.
Table of Contents
When does the ERR_SSL_VERSION_OR_CIPHER_MISMATCH?
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error shows up when a browser tries to establish a secure connection (HTTPS) but can’t agree with the server on which SSL/TLS protocol version or cipher suite to use. Basically, the client and server don’t share any supported encryption methods, so the handshake fails before the page can load.
This usually happens in a few common situations:
- The server is using outdated SSL/TLS versions – For example, if it only supports SSL 3.0 or TLS 1.0, most modern browsers (especially Chrome) will refuse to connect because those protocols are no longer considered secure.
- The server’s cipher suite is no longer accepted – Some servers are still configured to use legacy or weak cipher suites that browsers have phased out for security reasons.
- There’s a misconfigured CDN, proxy, or firewall – Sometimes the issue isn’t the server itself but a service in between that’s stripping or downgrading SSL/TLS during transmission.
- The domain’s SSL certificate is using unsupported features – For example, if the certificate is using outdated encryption algorithms or missing key extensions required by modern browsers.
- The browser is out of date or misconfigured – Less common, but if a user is running an outdated version of Chrome or another browser, it may not support newer encryption methods.
In short, the error typically means the server and browser can’t find common ground on how to securely communicate. From a dev perspective, this is your cue to inspect both ends: check your server configuration and verify that your SSL/TLS setup meets current security standards.
Quick Fixes to Resolve ERR_SSL_VERSION_OR_CIPHER_MISMATCH
If you’re seeing error messages like:
- “the client and server don’t support a common SSL protocol version or cipher suite”
- “unsupported protocol”
- ERR_SSL_VERSION_OR_CIPHER_MISMATCH (Chrome)
…then these quick fixes should help you troubleshoot and resolve the issue fast.
Make sure your server supports TLS 1.2 or TLS 1.3
Modern browsers have dropped support for SSL 3.0, TLS 1.0, and TLS 1.1. If your server is still using any of those outdated protocols, the browser will refuse to establish a connection, resulting in this error.
What to do:
Update your server configuration to explicitly disable insecure protocols and enable TLS 1.2 and TLS 1.3.
Apache (httpd.conf or ssl.conf):
SSLProtocol -all +TLSv1.2 +TLSv1.3
Nginx (nginx.conf or site-specific config):
ssl_protocols TLSv1.2 TLSv1.3;
After updating the config:
- Restart the server to apply the changes (systemctl restart apache2 or systemctl restart nginx)
- Test using openssl s_client -connect yourdomain.com:443 to verify the protocol
Use modern, browser-supported cipher suites
A mismatch in cipher suites can prevent the SSL handshake from succeeding. Older cipher suites like RC4, 3DES, or NULL are no longer accepted by browsers like Chrome and Firefox. If your server supports only those, users will see an “unsupported protocol” or “uses an unsupported protocol” message.
What to do:
Update your cipher suite configuration using modern, secure ciphers recommended by Mozilla.
Verify your SSL certificate chain and encryption strength
Misconfigured or outdated SSL certificates can also trigger this error. Common issues include missing intermediate certificates, expired certs, or the use of deprecated hashing algorithms like SHA-1.
What to check and how:
| Problem | How to identify | How to fix it |
| Certificate has expired | Use openssl s_client or check in browser | Renew the certificate through your certificate authority |
| Intermediate certificates are missing | Use SSL Labs | Install the full certificate chain (root + intermediate) |
| Weak hashing algorithm (e.g. SHA-1) | SSL Labs will flag this as “insecure” | Reissue the certificate with SHA-256 or higher |
Also, make sure your certificate matches the domain you’re securing, especially with wildcard or subdomain setups.
Clear SSL state and browser cache (for local testing)
If you’re testing SSL changes in your browser and still seeing ERR_SSL_VERSION_OR_CIPHER_MISMATCH, the problem may be cached locally. Browsers cache SSL sessions to speed up handshakes, but that can cause issues during debugging.
Steps to clear SSL state in Chrome:
- Open Chrome Settings
- Navigate to Privacy and security > Security
- Scroll down and click Manage certificates
- Go to the Personal tab and click Clear SSL state
Also clear your browser cache and restart Chrome to ensure a fresh connection.
Check CDN, proxy, or firewall configurations
If your site sits behind a content delivery network (like Cloudflare, CloudFront, or Akamai), an improperly configured proxy or SSL mode can trigger protocol or cipher mismatches.
What to do:
- Make sure the origin server supports TLS 1.2 or higher
- Set CDN SSL mode to Full (Strict) where available to avoid SSL downgrades
- Avoid “Flexible SSL” unless absolutely necessary—it terminates HTTPS at the CDN, not your server
- Confirm that CDN edge certificates are up to date and correctly installed
For Cloudflare:
- Go to SSL/TLS settings
- Set the minimum TLS version to TLS 1.2
- Enable Modern cipher suite support
Ensure browser compatibility and test on multiple devices
Sometimes the error isn’t on your end at all. If a user is running an outdated browser or operating system, their client may not support newer TLS versions or cipher suites.
Recommendations:
- Ask users to update their browsers
- Test your site using Chrome, Firefox, Edge, and Safari
- Use tools like BrowserStack or SSL Labs to simulate different client environments
Check your internet connection
This error is sometimes triggered simply due to a poor internet connection.
Check your internet connection to ensure everything is working properly on that front and contact your Internet Service Provider if you need help, together with the provider it is important to find out what is good internet speed for you so that you do not face such a problem in the future.
Improve your data management with wpDataTables
Tired of technical issues slowing down your workflow?
With wpDataTables you’re getting the most powerful table plugin and peace of mind. Our plugin is built to run flawlessly on secure, modern websites, fully compatible with updated SSL protocols and hosting environments. There’s a good reason why it’s the #1 WordPress plugin for creating responsive tables and charts.
You can create interactive tables and charts without a line of code or worrying about technical issues. You can manage large datasets and pull data from virtually any source – Excel, MySQL, Google Sheets, you name it.
wpDataTables handles it all with speed and security. It’s perfect for any WordPress site – reports, pricing tables, and anything else that needs structured and interactive data.
And it’s really easy to do something like this:
- You provide the table data
- Configure and customize it
- Publish it in a post or page
And it’s not just pretty, but also practical. You can make large tables with up to millions of rows, or you can use advanced filters and search, or you can go wild and make it editable.
“Yeah, but I just like Excel too much and there’s nothing like that on websites”. Yeah, there is. You can use conditional formatting like in Excel or Google Sheets.
Did I tell you you can create charts too with your data? And that’s only a small part. There are lots of other features for you.
Check for certificate name mismatch
This doesn’t happen often, but there were some cases reported of a certificate name mismatch causing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. Luckily, this is very easy and quick to diagnose and fix.
A mismatch can be a number of things such as:
- The site does not use SSL, but shares an IP address with some other site that does.
- The site no longer exists, yet the domain still points to the old IP address, where some other site is now hosted.
- The site uses a content delivery network (CDN) that doesn’t support SSL.
- The domain name alias is for a website whose name is different, but the alias was not included in the certificate.
- Browser compatibility issues causing SSL/TLS handshake failures.
Remove unnecessary add-ons and extensions
Some add-ons and/or extension can cause this error to happen so try to identify the ones that cause the problem and remove them.
Disable QUIC protocol
If the QUIC Protocol is enabled, the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error can occur in Chrome. To fix it, you have to disable the QUIC protocol. Here is how you can do that:
- In URL type, chrome://flags
- Search for Experimental QUIC protocol
- If it is disabled (or default), then keep it as it is and close the window.
- If it is not disabled then disable it.
FAQs about ERR_SSL_VERSION_OR_CIPHER_MISMATCH
How to fix the client and server don’t support a common SSL protocol version or cipher suite in Chrome?
Update your server to support TLS 1.2 or TLS 1.3 and ensure it uses modern cipher suites accepted by Chrome; outdated protocols like SSL 3.0 and TLS 1.0 are no longer supported.
How do I fix an unsupported protocol or cipher suite?
Check your server’s SSL configuration and replace any legacy protocols or weak cipher suites with secure, browser-compatible ones such as TLS 1.3 and strong AES-GCM or ChaCha20-based ciphers.
How to resolve ERR_SSL_VERSION_OR_CIPHER_MISMATCH error?
Ensure your server supports up-to-date TLS versions and cipher suites, has a valid certificate chain, and that there are no misconfigurations in your CDN, proxy, or firewall settings.
How do I fix a common SSL protocol error?
Audit your server’s SSL/TLS settings, remove deprecated protocols like SSLv3 and TLS 1.0, and use tools like SSL Labs to identify and correct certificate or cipher issues.
Can outdated browsers cause this SSL error?
Yes, older browsers may not support modern TLS versions or cipher suites, which can lead to the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error when connecting to properly secured websites.
Is the ERR_SSL_VERSION_OR_CIPHER_MISMATCH specific to just one browser?
No, although it’s commonly seen in Chrome, this error can appear in any browser if there’s a mismatch between the client and server’s supported SSL/TLS protocols or cipher suites.
Conclusion
In most cases, the ERR_SSL_VERSION_OR_CIPHER_MISMATCH comes down to outdates SSL certificates, legacy server settings or incompatible browsers. We’ve outline all the steps you need to take to determine which causes problems at your website. When you tick all the boxes – updating your SSL certificate, enabling modern TSL protocols and double checking your service configuration, you’ll have your site running securely in no tome.
Meanwhile, you can be proactive and learn how to fix other errors that may come up. We’ve covered a lot of them, so the next time an error pops up, you’ll be equipped with knowledge instead of panic:
- WordPress white screen of death
- 502 bad gateway error
- How to fix WordPress not sending email
- How to fix the too many redirects error
- Fixing WordPress the HTTP error when uploading image and
- How to fix the 504 error
- Fixing “Sorry, you are not allowed to access this page” error
