3 Ways to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH

A security guard that's been sitting for awhile

Error Message in Chrome or Edge:

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Unsupported protocol

The client and server don't support a common SSL protocol version or cipher suite.

Error Message in Firefox:

Secure Connection Failed

An error occurred during a connection to 192.168.100.6. Peer using unsupported version of security
protocol.

Error code: SSL_ERROR_UNSUPPORTED_VERSION

. The page you are trying to view cannot be shown because the authenticity of the received data could not be
verified.

. Please contact the web site owners to inform them of this problem.

This web site might not support the TLS 1.2 protocol, which is the minimum version supported by Firefox.

I was trying to get into a really old firewall and got this message. Unfortunately, there’s still old devices around that are using outdated security protocols that updated web browsers don’t support. Cameras, printers, old internet appliances. With our browsers continually updating their security, phasing out old, unsecure protocols is essential. Yet we sometimes we still run across those old devices and need to get on to admin them.

Here are three ways to get past this error:

Firefox: Change settings

While Firefox disables these old protocols out of the box, support can be turned back on. This is probably the easiest way, so if you’re not using Firefox you can download it here.

  • In the address bar type about:config
  • Accept the risks and continue.
  • Search for security.tls.version.min and set it to 1
  • Click the checkmark. You may have to restart Firefox.

It’ll still give you a warning, but you’ll be able to bypass it now. It’d be a good idea to set the security.tls.version.min back to 3 when you’re done.

Firefox: Use an older version

You can quickly download an old version of Firefox that’ll connect to these old devices no problem. PortableApps.com has an archive of old Firefox versions – I recommend using version 39. These are portable programs, so it’ll run with no installation. Remember, this is very old software so don’t do any regular browsing with it!

Edge: Change settings

You can use Edge to get into this, but it’s a fairly annoying process. It involves using the legacy Internet Explorer engine and turning on some old protocols.

Open up Edge. In the address bar type: edge://settings/defaultBrowser
Set “Allow sites to be reloaded in Internet Explorer mode (IE mode)” to Allow
Click the Windows start menu and search for “Internet Options”

A screenshot of Internet Properties in Windows that show suggest settings.

Go to the Security tab and click Trusted Sites. Then click Sites.
Add the address of the site you’re trying to access to the zone, with both http:// and https:// in front of it.
Uncheck Require server verification (https:) for all sites in this zone
Go to the Advance tab. Here you will turn on all the old protocols. Turn these off when you’re done!

A screenshot of Internet Properties in Windows that show suggest settings.

(Use SSL 3.0, Use TLS 1.0, Use TLS 1.1, Use TLS 1.2. You can also turn off “Warn about certificate address mismatch”)

That’s it! I obviously prefer Firefox since it’s the quickest, but that may not be an option for most people. Just a reminder to put these settings back when you’re done – they’re disabled for a reason, as they’re old and unsecure. Good luck!