Home
Support Forums

This site can't provide a secure connection

Some users are getting this error when trying to access my site.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Netlify App: wizardly-lewin-5ce264.netlify.app

Primary Domain: dynyte.com

Secondary Domain: www.dynyte.com (Redirects to primary)

I’ve checked with Namecheap who provide the domain, just in case it was something to do with my DNS config but they said everything was fine on their end. I’ve seen a couple of threads about this but none of them provide a working fix. Is there anything I can do?

@EthanCrabb Welcome to the Netlify community.

First, you should refer to the docs on configuring a Netlify site using external DNS.

You have the CNAME correct, but not the A record(s):

|====================== dig A record(s) for =====================
| ------------------------- dynyte.com -------------------------
| ------------ Netlify's load balancer: 104.198.14.52 -----------
161.35.60.200
67.207.80.24
Organization:   DigitalOcean, LLC (DO-13)
|================================================================

Correct configuration of the A record](s) should clear up this error:

|================== check SSL record blocking ===================
| ---------------------- should be blank ------------------------
| ------------------------- dynyte.com --------------------------

| ----------------------- www.dynyte.com ------------------------
www.dynyte.com.		1784	IN	CNAME	wizardly-lewin-5ce264.netlify.app.
|================================================================
1 Like

Hi, @EthanCrabb. I do see SSL working when I test. If you are still seeing this issue, we need a way to find the HTTP response with the wrong SSL.

The fastest way to do this is to send us the x-nf-request-id header which we send with every HTTP response.

There more information about this header here:

However, most tools (your browser included) will close the connection before we send the header if the SSL certificate is wrong.

If that header isn’t available for any reason (like SSL failures), then please send the information it replaces (or as many of these details as possible). Those details are:

  • the complete URL requested
  • the IP address for the system making the request
  • the IP address for the CDN node that responded
  • the day and time of the request (with the timezone the time is in)

If you send us this information we can troubleshoot to see what is happening.

1 Like

Thanks for your response.

These are my current DNS records:

Could you tell me how to correct them?

I personally would replace that ALIAS record with an A record pointing to Netlify’s load balancer 104.198.14.52 because I know that that works, unlike CNAME flattening. YMMV.

Hi, I’ve tried to renew the certificate and changed the ALIAS Record to an A record, but the error still persists. I’ve got my x-nf-request-id: 587dadc7-e2ff-4794-9d99-2816d92f4a0d-12716444. I hope this helps troubleshoot the issue.

Thanks for your response, Ethan

Is this still happening? Your site seems to load over HTTPS for me in Southern California.

Yes, it seems to only be affecting some users though, me not being one of them. I followed your previous steps and gave the DNS a couple of days to switch over to the new A record, but the issue still persists.

Are there any other potential fixes you can think of? Thanks

Hey, I think I posted a comment instead of replying, I still need help with this issue.

@EthanCrabb The only thing I see wrong now is that you still have SSL record blocking turned on for your www subdomain:

|================== check SSL record blocking ===================
| ---------------------- should be blank ------------------------
| ------------------ when using Netlify DNS ---------------------
| ------------------------- dynyte.com -------------------------

| ----------------------- www.dynyte.com -----------------------
www.dynyte.com.		1790	IN	CNAME	wizardly-lewin-5ce264.netlify.app.
|================================================================

I’ve looked though hundreds of threads now and it seems there’s no 100% working fix. In most cases it has something to do with the client.

I’ll try renewing my certificate once more and hope the issue fixes itself with some time.
Thanks for all the help.

Hello,
I am trying to host my new site here on Netlify. I have updated name servers on the domain provider site. I have the same error as yours whenever I want to reach my site. Have you found the reason and fix for this? Please let me know. Thank you.

What is the site you are having issues with @thinkforbetter ?