This is an old revision of the document!
Cannot Establish TSL/SSL Connection with Cloudflare
If a domain cannot establish a TSL/SSL connection when using Cloudflare, it is likely because Cloudflare requires a Server Name Indication (SNI) at the virtual host level, in addition to the listener level.
You may see the following notice in your Chrome or Firefox browser:
The site can't provide a secure connection example.com users an unsupported protocl ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Or, you may see this:
Secure Connection Failed An error occurred during a connection to example.com. Peer reports incompatible or unsupported protocol version. Error code: SSL_ERROR_PROTOCOL_VERSION_ALERT
Even if the configurations are identical, CloudFlare requires SNI to be set at both the virtual host level and the listener level. Do so, and the problem should go away.