If your Shopify, Wix, or WordPress website isn’t running over HTTPS because of the SSL Error “ERR_SSL_PROTOCOL_ERROR” in Google Chrome, you’re not alone. This error breaks the connection between the server and the browser and is a major hindrance to a site that people trust.
In this article, you will find the most common causes of this error and also learn step by step on how to fix and get your website back over HTTPS.
The “ERR_SSL_PROTOCOL_ERROR” may arise due to server-related problems, problems with SSL configurations, or the settings of the user device. If there is an issue with establishing a secure connection over HTTPS, you may face this on Google Chrome and other browsers.
What is “ERR_SSL_PROTOCOL_ERROR”?
ERR_SSL_PROTOCOL_ERROR shows up when a web browser (most commonly Google Chrome), is not able to establish a secure connection over HTTPS. Chrome blocks access automatically to protect users from being able to use or navigate a website that either doesn’t have its SSL certificate configured and/or is not validated by a trusted CA. Chrome blocks access to such sites with improper SSL configuration because it can affect data security.
When you visit a secure website, the browser initiates an SSL/TLS handshake. It allows encrypted data to travel between the browser and the server. This is done to protect sensitive information, like – login credentials, passwords, emails, etc., over the internet and ensure data integrity and privacy. However, if Chrome detects an issue with the SSL certificate (for example, it’s invalid, expired, or misconfigured), it will show the “ERR_SSL_PROTOCOL_ERROR” message to warn users of the insecure connection.
The SSL/TLS handshake typically happens in 3 stages:
- Request for Secure Connection: Your web browser tries to connect with the website server and requests an SSL/TLS handshake. Here’s where the server and browser verify each other’s identity and agree on encryption standards using a TCP 3-way handshake.
- SSL/TLS Handshake: Your web browser then checks for the SSL certificate, which is a small data file that binds a cryptographic key to the website’s details (such as its domain name). The browser and server exchange this information to create a secure handshake.
- Encrypted Connection Setup: If everything works out smoothly, an encrypted connection is established, allowing data to pass securely between your device and the server.
However, if the authentication process is disrupted due to an invalid certificate or mismatched protocols, then the browser can’t complete the SSL handshake. In this case, Google Chrome displays the ERR_SSL_PROTOCOL_ERROR message and blocks access to protect your data from potentially insecure connections.
What are the major causes of the ERR_SSL_PROTOCOL_ERROR?
Most of the time, the ERR_SSL_PROTOCOL_ERROR arises when there is a problem establishing a secure SSL/TLS connection between a browser and a website’s server. If you try to access a site over HTTPS, the browser requests a secure connection. In order to initiate an encrypted SSL/TLS handshake the server must respond with a valid SSL certificate. If authentication fails, the browser marks the connection as insecure and displays ERR_SSL_PROTOCOL_ERROR, preventing users from connecting to potentially compromised connections.
SSL encrypted connections use compatible configurations between the browser and the server and an up-to-date SSL certificate that covers all the intended subdomains. A few underlying reasons can interrupt this process:
- Modification in SSL certificate, hosting, WAF, and CDN can cause ‘ERR_SSL_PROTOCOL_ERROR’ error.
-
SSL Certificate Issues: This error may be caused if your SSL certificate is misconfigured or lacks important information, such as a Subject Alternative Name (SAN) that includes ‘www’ and non ‘www’ variations of your domain.
-
Protocol Mismatch: Protocol mismatch is another very common reason. Here, the browser and the server don’t have the same version of SSL/TLS, so they don’t end up establishing a secure handshake. You can simply fix this by enabling all TLS protocols in your internet settings.
- Certificate Expiry: SSL certificates have to be renewed. Browsers will not establish a secure connection if your certificate expires.
- Incorrect System Time: To validate SSL certificates it requires system clocks to match real world time. However, an SSL error can be triggered if the date or time on your device is wrong.
- Firewall or Antivirus Conflicts: Some firewall and antivirus programs scan HTTPS connections and if they detect any issue, they block a secure connection to the site.
- Outdated or Incompatible Protocols: Security protocols are always updated with new standards. SSL errors can come from outdated protocols, or even from misconfigured server settings.
13 Quick Ways to Fix “ERR_SSL_PROTOCOL_ERROR”
To resolve the ERR_SSL_PROTOCOL_ERROR, start by checking the basic system, software, and browser settings.
Now, often this error disappears itself when you refresh the page, but sometimes it comes again and again. If you are experiencing such kind of warnings, here’s a quick list of effective fixes:
- Make Sure SSL Is Installed on Your Website
- Force HTTPS Connection on Your Website
- Update expired SSL certificates
- Fix DNS issues
- Update Browsers to Latest Version
- Check the System Date and Time
- Clear Browsing Data in Chrome
- Clear Your SSL State
- Disable QUIC Protocol of Chrome
- Review Antivirus Settings
- Check Firewall Settings
- Disable Browser Extensions
- Adjust Your Internet Security and Privacy Level
1. Make Sure SSL Is Installed on Your Website
The first step is to check that you have installed an SSL certificate on the server. If it’s not available then buy SSL and install it, as it secures in-transit information between the server and the browser.
Sometimes, website owners forcefully enable HTTPS without installing an SSL certificate on the server, which causes an inaccessible website, which can cause ERR_SSL_PROTOCOL_ERROR.
To check HTTPS, you need to visit the domain name. If the domain name shows HTTPS, then you can ensure SSL installation. Moreover, you can go with the SSL installation checker to see the installed SSL certificate details.
Even OpenSSL can be a helpful source for finding SSL certificate status. You can follow the below code to do this.
openssl s_client -servername domain.com -connect 192.168.0.1:443 2>/dev/null | openssl x509 -noout -subject -issuer -dates;curl -vvI --silent https://domain.com 2>&1 | grep 'issuer|start date|expire date|subject'
2. Force HTTPS Connection on Your Website
The installation of an SSL certificate is incomplete if you do not apply Force HTTPS.
Otherwise, the site will run on default HTTP instead of a secured HTTPS version. It can cause an ERR_SSL_PROTOCOL_ERROR error.
Before you switch to Force HTTPS, you should take a backup of your website in case any mistakes happen during the switching process.
Many hosting providers move your website on HTTPS by default. However, you can follow the common manual process to apply ‘Force HTTPS’ in almost cPanel.
- Go to File Manager in Control Panel
- Create .htaccess file
-
Edit the .htaccess file using below text.
RewriteCond %{HTTPS} !on [OR] RewriteCond %{HTTP_HOST} !^www\. RewriteRule (.*) https://www.domainname.com%{REQUEST_URI} [L,R=301]
- Save the changes.
3. Update expired SSL certificates
An expired SSL certificate has dual disadvantages, causing ERR_SSL_PROTOCOL_ERROR and being harmful to website security.
Attackers can take benefit of an expired SSL certificate as the information passes will remain in plain text, which attackers can intercept.
Besides, you can fix this issue by renewing the SSL certificate with your provider. Once you renew, install it on the server properly.
SSL certificate renewal time does not take much time, as you can see in the below image for better understanding.
Certificate Types | Issuance Time |
---|---|
DV SSL – Domain Validated Certificates | 15 to 30 Minutes |
OV SSL – Organization Validated Certificates | 1 to 2 Days |
EV SSL – Extended Validated Certificates | 1 to 5 Days |
4. Fix DNS issues
If the DNS is aiming at an incorrect IP address, it can create “ERR_SSL_PROTOCOL_ERROR”. You can check with your hosting provider and run the below command to check it.
$ dig example.com +short
10.10.10.1
There are tools available to check yourself for such DNS issue.
5. Update Browsers to Latest Version
Browsers are frequently coming with the latest features. The reason behind updating the browser is to match with the current security patches and bug fixing those leaves attackers behind.
An outdated browser can welcome cyber threats to your site. Always prefer to update your browser to avoid ERR_SSL_PROTOCOL_ERROR.
6. Check the System Date and Time
If your machine has incorrect date and time settings then Chrome might not be able to validate SSL certificates, causing SSL errors. So, to make sure your device’s date and time settings are set properly:
-
Windows: Go to Settings > Time & Language > Date & Time and enable “Set time automatically” setting.
-
Mac: Go to System Preferences > Date & Time and check the “Set date and time automatically” setting.
7. Clear Browsing Data in Chrome
Sometimes cached data and cookies can interfere with the SSL protocols, especially if a much older inferior version of the site is still on your cache. To clear browsing data :
- In Chrome simply open up the window by pressing Ctrl + Shift + Delete, or whichever combination is your keyboard shortcut, to clear browsing data.
- Then choose “All Time”, then check “Cached images and files” and “Cookies and other site data”.
- Click ‘Delete data’.
8. Clear Your SSL State
If your problem still persists, the next thing you should try is clearing the SSL state of your computer. Follow the steps given below to do that:
- Type “Internet Options” in the search bar of your computer and hit Enter.
- A window named “Internet Properties” will open. Go to Content tab in that window and click on Clear SSL State
Now try opening the website once again in Chrome.
9. Disable QUIC Protocol of Chrome
Still no luck? Okay, then try disabling the QUIC Protocol of Google Chrome browser. Follow the steps given below to do that:
- Paste chrome://flags/#enable-quic in the address bar of your Chrome browser and hit Enter;
- Under Experimental QUIC Protocol option, you’ll see that it’s set to “Default”. Disable it.
Now relaunch Chrome and try opening the website again.
10. Review Antivirus Settings
In most cases, antivirus software with SSL scanning capabilities will block secure connection, but only if it mistakenly flags a genuine SSL certificate. You can disable the SSL scanning feature by:
- Switching to your antivirus program settings.
- Search for “SSL Scanning” or “HTTPS Scanning” options, find and disable it.
(Note: Disabling SSL scanning lowers security by bypassing the security check of encrypted traffic. Remember to re-enable it once you’ve identified the issue.)
11. Check Firewall Settings
Check that Chrome is allowed to access your firewall through HTTPS.
- Go to Control Panel > System and Security > Windows Defender Firewall.
- Go to “Allow an app or feature through Windows Defender Firewall”, and toggle Google Chrome in both the private and public network areas.
12. Disable Browser Extensions
Sometimes your Chrome extensions that focus on security and privacy can interfere with your SSL connections. Try to disable them to see if the issue still exists
-
Go to “chrome://extensions/” in Chrome.
- Toggle off each extension until the error goes away. Then go ahead and refresh the page.
- If there’s any specific extension that’s the cause of the problem, then try to remove it or keep it disabled.
13. Adjust Your Internet Security and Privacy Level
If everything mentioned above fails, the last thing that you should try is checking the level of your Internet Security and Privacy because a privacy level too high may also be blocking your access to certain websites. Follow the steps given below:
- Type “Internet Options” in the search bar of your computer and hit Enter;
- The “Internet Properties” dialogue box will open. Inside it navigate to Security tab and look at the slider given there. If that slider is too high on the scale, bring it in the middle (to Medium level) and click OK.
Now try opening the website that you were trying to open.
Out of above-given methods at least one will certainly solve your problem of ERR_SSL_PROTOCOL_ERROR on Google Chrome. Try out each of them until you find your solution.
Conclusion
The “ERR_SSL_PROTOCOL_ERROR” is a common issue that can be quite frustrating for users. This error usually arises due to multiple reasons such as SSL misconfigurations, expired certificates or device-related settings. If you run into such problems, you need a systematic approach to troubleshoot them and following the steps given in this article can help you to get your website back in good shape for your website visitors. Along with this, ensure that you update your SSL certificates time to time and set up your servers correctly so no such errors occur again.
Related Articles: