Google Chrome Browser reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH on SHA1 signature algorithm

Latest Google Chrome Browser reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH on use of SHA1 signature algorithm

Oct 2, 2023

Google Chrome Browser reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH on SHA1 signature algorithm

URL NAME

Chrome-Browser-reports-ERR-SSL-VERSION-OR-CIPHER-MISMATCH

Problem

Starting around mid-2023, customers have reported issues where Chrome browser version 117.0.5938.132 (possibly earlier 2023 versions as well), report ERR_SSL_VERSION_OR_CIPHER_MISMATCH, with details, Unsupported protocol – The client and server don’t support a common SSL protocol version or cipher suite. Other browsers like MS-Edge do not take issue with the certificate served. 

Solution

Customers encountering this issue have resolved the issue on their own. In one case, they reported that they found that one or more signing certificates in the chain of trust was using SHA1 as the signature algorithm. To fix the issue, work with your signing CA to fix the chain of trust. The problem is related to Google Chrome’s deprecation plans for SHA-1 certificates which have been in place since September 5, 2014. 

Original Niagara Community Post here.