Skip to content
SSL Error · Chrome, Edge, Brave, Opera

SSL protocol error

ERR_SSL_PROTOCOL_ERROR

The TLS handshake fell apart before a secure connection could form, often from a protocol mismatch or a broken server config.

What it means

ERR_SSL_PROTOCOL_ERROR is a catch-all for a handshake that failed at the protocol level. The browser and server tried to agree on how to secure the connection and couldn't finish. Unlike the certificate-specific errors, this one points at the negotiation itself: an unsupported TLS version, a malformed certificate file, an interfering proxy or antivirus, or a server that's serving plain HTTP on the HTTPS port.

When it happens

It tends to appear after a server change: a TLS upgrade that dropped support for the version a client still uses, a botched certificate install that left the file malformed, or a misconfigured virtual host. On the client side, security software that intercepts HTTPS, a corrupted local SSL cache, or an out-of-date browser can all trigger it. If every visitor sees it, the server is the place to look; if only you do, start local.

How to fix it

  1. Run an SSL test against the server to check the TLS versions and certificate are valid and well-formed.
  2. Make sure the server still offers a TLS version the client supports, and that the certificate file isn't corrupted or missing its key.
  3. On the client, clear the browser's SSL state, update the browser, and temporarily disable any HTTPS-scanning antivirus or proxy to see if it's interfering.
  4. Confirm nothing is serving plain HTTP on port 443, which produces this error instantly.
Check it with Sitewell

Check this site’s certificate

Paste the domain and Sitewell shows the certificate’s expiry, the hostnames it covers, the chain, and the issuer — enough to pin down what triggered this error. Free, no signup.

Check this site’s certificate →SSL expiry guide →

Related errors

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

The browser and server share no common TLS version or cipher suite, so they can't agree on how to encrypt the connection.

NET::ERR_CERT_AUTHORITY_INVALID

The browser can't trace the certificate back to a trusted authority, which is what happens with self-signed certs or a missing intermediate.

ERR_CERT_WEAK_SIGNATURE_ALGORITHM

The certificate was signed with an algorithm now considered too weak to trust, such as SHA-1.

← All SSL errors