This site can’t provide a secure connection
[yoursite] uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Fix it in Cloudflare

If you’re using the excellent addon Cloudflare with your Dreamhost account you may have the same problem moving over to secure encrypted connections as the qreativbox site had just now.

Dreamhost has a decent help page on how-to-set-up SSL for WordPress. The information in there is relevant for many AMP stack sites moving to HTTPS.

BUT it’s no help in tracking down our particular problem…

Your site may also have a perfectly well-configured free SSL certificate from Let’s Encrypt (another fine reason to use Dreamhost) with an incorrect Cloudflare setting. That’s where we find the cause of the “ERR_SSL_VERSION_OR_CIPHER_MISMATCH” error.

Show me the money

Over in your Cloudflare control panel got to your Crypto/SSL settings and make sure these are set to Full (strict).

Then just disable Universal SSL — for three minutes — then reactivate it. Yup – the old school tuning-off-and-on-again trick – might just flush out your problem too.

Encrypt your site already

There’s really no excuse not to be on HTTPS. It really is a basic requirement these days as it encrypts and compresses any traffic between your site and your users. It’s so important that Google will penalise your site in its search rankings if you don’t use it. It began as a “very lightweight [negative SEO] signal”  back in 2014 and now Google’s Chrome navigator actively marks sites not on HTTPS as “non-secure”.

Basic encryption needs are more than adequately covered by Let’s Encrypt although e-commerce sites really should get their own certificate. Dreamhost’s comparison between Let’s Encrypt (free) vs Sectigo (paid) SSL certificates is a good place to start.

Poor cobbler’s children.

Finally, three years since extolling the speed virtues of HTTPS qreativbox has finally moved over.

Hacked photo by Florian Klauer on Unsplash