Is the ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ error stopping you from accessing a WordPress website?
This error is only seen when visiting a website that uses an SSL certificate. It is caused by out-of-date or misconfigured software on either the website or the user’s computer.
In this article, we will show you how to fix the ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ error in WordPress.
What Is the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
We recommend that everyone with a WordPress website install an SSL certificate. This can help keep your website data secure.
An SSL certificate is required if you want to accept payments in your online store, and it also protects your users in other ways.
SSL stands for ‘Secure Sockets Layer’, and TLS stands for ‘Transport Layer Security’ protocol. These protocols rely on certificates that tell the user the identity of the website they are communicating with.
When visiting a secure website, your browser will automatically check for an SSL certificate to see if it is valid and up to date. It also checks the version of the protocols being used.
If there’s an issue, then you’ll see an SSL error like ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
This error message appears when your browser doesn’t recognize the version of the SSL protocol being used or when the SSL certificate is not configured correctly.
This can happen when the user is using an out-of-date web browser that doesn’t recognize the latest TLS protocols. It can also be caused if the website’s SSL certificate or software is out of date or mismatched.
With that being said, let’s take a look at some steps you can take to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error in WordPress:
Scanning Your Website for SSL Errors
The first thing you need to do is scan your WordPress website for SSL errors. This will help you identify problems that can cause the ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ error.
The easiest way to check is by using an online tool like the Qualys SSL Labs SSL Server Test. Simply type in the website’s domain name and then click the ‘Submit’ button.
This will perform a thorough test on the website that takes a few minutes to finish. After that, you will see a very detailed report about the site’s SSL certificate.
In the screenshot below, you will find the results of a scan on wpbeginner.com. You can see that the WPBeginner SSL certificate is valid and trusted and supports the latest TLS protocol, which is TLS 1.3. This is an example of a great SSL test result.
You can scroll down to the Configuration section of the report.
This will show you which versions of the TLS protocol are supported. In this case, both currently used versions are supported, which are TLS 1.2 and TLS 1.3.
It’s also important that the other protocols are not being used because they have known security issues.
If your test result looks similar to this, then the ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ error is not being caused by the website. You can scroll down to the last section of this tutorial to learn how to troubleshoot the software on your computer.
On the other hand, here is a screenshot from a scan that found SSL errors. The errors are summarized at the top of the report, and more details are given below.
You can go to a page with detailed notes about an error by clicking the ‘MORE INFO »’ link.
If the SSL test report for your website lists some SSL errors, then you can follow these guidelines to fix them.
Your Site Uses Outdated TLS 1.0, TLS 1.1, or RC4 Cipher Suite
Old TLS protocols like TLS 1.0 and TLS 1.1 should never be run because they have security issues, and modern web browsers have stopped supporting them.
The same goes for the RC4 cipher suite. A cipher suite is a set of algorithms used to secure your website with TLS. However, the RC4 version has been found to be insecure and should never be used.
Reputable WordPress hosting companies never use insecure versions of the TLS protocol or cipher suite.
However, if your website is using any of these outdated versions, then you should contact your hosting provider and get them to enable TLS 1.2 or TLS 1.3. You will also need to switch to AEAD cipher suites (AES-GCM).
Your Site Has an SSL Certificate Name Mismatch
Because an SSL certificate proves that your website is what it claims to be, the domain name on your certificate must match your site’s domain name. When they are not the same, this is called an ‘SSL certificate name mismatch’.
When you see this error in your SSL report, it will list the potential reasons:
- The website does not use SSL but shares an IP address with some other site that does.
- The website no longer exists, yet the domain name still points to the old IP address, where some other site is now hosted.
- The website uses a content delivery network (CDN) that does not support SSL.
- The domain name is an alias for a website whose main name is different, but the alias was not included in the certificate by mistake.
This error is likely caused by a problem with your SSL setup.
You can take a look at our beginner’s guide on how to properly move WordPress from HTTP to HTTPS for details on how to set up SSL correctly.
In particular, make sure you have set up your SSL certificate to work with all of the variations (or aliases) of your domain name that will be used, including www and non-www URLs.
Another solution is to redirect your website visitors to the correct variation of your domain name.
For example, if your SSL certificate has the URL ‘https://www.example.com’, then you can redirect ‘https://example.com’ to that address. See our article on how to set up redirects in WordPress for more details.
This error could also appear if you have recently moved your website to a new domain name or server. You will need to update your SSL certificate with the new details.
If you are using a CDN service, then you should also make sure that it supports SSL. If you need to upgrade, then you can see our expert picks of the best WordPress CDN services for recommendations.
If you need help with any of these issues, then don’t hesitate to reach out to your hosting provider’s technical support team.
When the Website Is Not the Problem
If the website is not the problem, then the error is caused by software on your computer. Most likely, you have an out-of-date web browser, or your antivirus software is causing the error.
You can follow these steps to troubleshoot the problem.
Update Your Web Browser to the Latest Version
If you are using an outdated web browser such as Internet Explorer or an old version of a modern web browser, then you may see this error. This happens because the old software was written before the latest versions of the TLS protocols and doesn’t recognize them.
In that case, all you need to do is switch to the latest version of a modern web browser like Google Chrome.
If, for some reason, you can’t update to a later version of your browser, like if you are stuck using Microsoft Windows XP, then you may be able to enable a later version of TLS in your browser.
For example, on Google Chrome, you can type
chrome://flags in the address bar, search for ‘TLS 1.3’ and enable the option.
Or if you are using Firefox, then you should type
about:config in the address bar, search for TLS, and then set the
security.tls.version.max value to 4.
Clear Your Browser Cache and SSL Cache
If you still see the error message after doing this, then there are a few more troubleshooting steps you can take. The first thing is to delete your browser cache and cookies.
You can see our guide on how to clear your cache in all major browsers, which also covers how to clear your cookies.
On Windows, you can also clear the SSL cache. This may be storing out-of-date SSL information about the website you are trying to access.
You can open ‘Internet Options’ by searching for it in the Start menu. Now switch to the Content tab and click on the ‘Clear SSL state’ button.
Temporarily Disable Your Antivirus Software
Finally, it’s possible that your antivirus software or firewall software may be configured incorrectly. This can sometimes cause the ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ error to appear when it shouldn’t.
If your software has an automatic SSL scanning feature, then you can try turning it off. Otherwise, you will need to temporarily disable your antivirus software. Once you have done that, you can try accessing the website again.
If you can access the software with your antivirus software disabled, then you can contact the antivirus company’s technical support team about the error or switch to a more reputable application.
We hope our tutorial helped you fix the ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ error in WordPress. You may also want to see our complete guide to WordPress security or our expert picks for the best WordPress security plugins to further protect your website.
The post How to Fix ’ERR_SSL_VERSION_OR _CIPHER_MISMATCH’ in WordPress first appeared on WPBeginner.