Cannot Establish TSL/SSL Connection with Cloudflare

If a domain cannot establish a TSL/SSL connection when using Cloudflare, it is likely because Cloudflare requires a Server Name Indication (SNI) at the virtual host level, in addition to the listener level.

You may see the following notice in your Chrome or Firefox browser:

The site can't provide a secure connection users an unsupported protocl

Or, you may see this:

Secure Connection Failed
An error occurred during a connection to Peer reports incompatible or unsupported protocol version.

Add SSL key/certificate configuration at vhost level under the SSL tab. Even if the configurations are identical, CloudFlare requires SNI to be set at both the virtual host level and the listener level. Do so, and the problem should go away.

  • Admin
  • Last modified: 2021/10/23 18:07
  • by George Wang