Error: ERR SSL VERSION OR CIPHER MISMATCH

Operating system: Ubuntu
OS version: 20.04.2

When accessing www.support.mydomain.xyz it get ERR_SSL_VERSION_OR_CIPHER_MISMATCH which does not let me connect to website.

It only seems to be an issue with subdomains. www.mydomain.xyz works perfectly fine.

Any help would be appreciated

When creating your ssl certificates:
virtualmin domain>server configuration>SLL Certificate>Let’sEncrypt did you checked “Also request wildcard certificate?” checkbox?
did you add “support” to your DNS CNAME record? (“support” DNS A record will work as well)

No. I shouldn’t have to should I? Since I am issuing out the ssl for support.mydomain.xyz and www.support.mydomain.xyz

I have support.mydomain.xyz as the A record and
www.support.mydomain.xyz as a CNAME record of support.

support.mydomain.xyz works perfectly fine. I only get this error with www.support.mydomain.xyz

you have a subdomain on a subdomain (www is a subdomain). I think a quick solution would be to redirect all of your www traffic to support.mydomain.xyz if the wildcard option doesn’t work.

virtualmin server>server configuration>website redirects

That does not really answer the issue. This is a bug.

In theory a domain should be able to have multiple subdomains like a.b.c.d.mydomain.xyz

But a.b.mydomain.xyz is getting an ERR_SSL_VERSION_OR_CIPHER_MISMATCH when trying to access via the browser.

ah i had those brain dead issue on Ubuntu as well…i remember it clearly. i switched to debian, since 6 one install, got all way up to 10, zero issues.

Hm really? So is this a known bug for Ubuntu?

I dont know, I tried ubuntu only once, too many mods there so I left it alone long time.

Of course not, it’s just unborn being him/herself.

As for the error itself, check your Apache/nginx config to make sure it’s serving up the correct certificate.
Also check the site using SSLabs, they usually hint pretty well at what might be wrong.

I did a quick test on both an Ubuntu and a Debian server, and a.b.domain.tld works fine, even a.b.c.d…

1 Like

@JuanM2020 I dont really know… why on earth I would follow something in bug report if I dont use it… my point was I used standar configs for everything - as on debian you can apply configs from whatever package dev docs you have installed as it is just naked source, on ubuntu you know they modify and release - so you do have to follow those mods on their docs, not docs from code creator - as an example apache on ubuntu have own docs but while on debian I can follow apache docs without any harm and it will work as always :slight_smile: - nope have no idea if that is bug or… sorry.

as I mentioned, in earlier post… anyway I do appreciate your reply. As you said with confidence this is not known bug, so I guess you are ubuntu team or something perhaps I should shut up. As I dont know you, I just pointed my opinion out there, so others does not need to waste time on same issue… I guess you are perhaps ubuntu devops or something as I feel your confidence, however I would still stay closer to source which ubuntu is not and therefore I would suggest you to follow ubuntu docs as with ubuntu mods, you can follow only on 40% apache docs it self - of course rest is out on google. Anyway have lovely day! - you know virtualmin folks could help you with this issue right?

I have 2 servers. Both on Ubuntu. One with apache the other with nginx. Both have the same issue with a.b.mydomain.xyz

Clearly not a one time issue.

Could be related to the fact that I am using Cloudflare as well.

Nope, I’m a debian guy like you on both desktop and server since around 2000.
I do maintain one Ubuntu server also, just to keep updated. I was more referring to that you always seem to bash Ubuntu for no apparent reason. You don’t like it, that’s fine, neither do I that much, that doesn’t mean that every time there is an issue it’s because of Ubuntu.

That might be it. I jumped off cf a long time ago for most services, simply because of issues like this.
It’s much easier to just let Virtualmin handle the stuff.

As to what the actual error might be then, I have no idea, sorry.

Perhaps you’re right, its time for me to focus more on solutions then os. Sorry.