ERR_SSL_VERSION_OR_CIPHER_MISMATCH — What It Means & How to Fix It

What Does This Error Mean?

This error means your browser and the website's server could not agree on how to encrypt the connection. SSL/TLS encryption has multiple versions (like TLS 1.0, 1.2, 1.3) and cipher suites (the actual encryption methods). If the server only supports an old version that your browser no longer accepts — or vice versa — the handshake fails. This is a security measure to prevent weak, outdated encryption from being used.

Affected Models

Google Chrome
Microsoft Edge
Firefox
Safari
All modern browsers
Windows
macOS

Common Causes

The website is using an old TLS version (TLS 1.0 or 1.1) that modern browsers have disabled
The website's server is configured with weak or outdated cipher suites
The SSL certificate was issued for a different domain name than the one you are visiting
A corporate or school network is using a proxy that intercepts SSL with its own outdated certificate
Your operating system is too old to support the encryption required by the site

How to Fix It

Check if the website has recently made a security change. Search for '[website name] SSL error' to see if others are reporting the same problem.

If the site just updated its SSL settings incorrectly, the webmaster needs to fix it — not you.
Update your browser to the latest version. In Chrome, click the three-dot menu > Help > About Google Chrome. It will check for updates automatically.

Older browser versions may not support the latest TLS versions required by modern websites.
Update Windows. Go to Settings > Windows Update and install all available updates. Newer Windows versions support modern TLS configurations.

Windows 7 and 8 have known TLS compatibility issues. If you are on an older OS, consider upgrading.
If you are on a work or school network, the issue may be caused by the network's proxy intercepting your SSL traffic with an old certificate. Contact your IT department.

You cannot fix this yourself on a managed network — the IT team needs to update the proxy's certificate.
Try accessing the site using a VPN to route around any network-level SSL interference. If it works through the VPN, the problem is in your network path — not the site itself.

This is a diagnostic step, not a permanent fix.

When to Call a Professional

If this error appears on your own website, contact your web host. You need to update your server's TLS configuration to support TLS 1.2 and TLS 1.3. Most reputable hosts can update this for you, or provide instructions for doing it yourself in the server control panel.

Frequently Asked Questions

What are cipher suites and why do they matter?

Cipher suites are the specific encryption algorithms your browser and the server use to scramble and unscramble data. There are dozens of them, with varying levels of security. Modern browsers disable old, weak cipher suites to protect you. If a server only offers those weak options, your browser will refuse to connect.

Why does this error only started appearing recently?

Browser updates frequently drop support for outdated TLS versions and weak ciphers. Chrome and Firefox have both dropped TLS 1.0 and 1.1 support in recent years. If a website has not updated its server to support modern encryption, you will start seeing this error after your browser updates.

Can I force Chrome to accept the old encryption?

Technically yes, but it is strongly not recommended. Accepting old, weak encryption puts your data at risk. The better solution is for the website's owner to update their server's security configuration. If you absolutely must access the site, contact the website owner and inform them their SSL configuration is outdated.