ERR_SSL_PROTOCOL_ERROR: This site can’t provide a secure connection
The error
This site can't provide a secure connection. yoursite.com sent an invalid response. ERR_SSL_PROTOCOL_ERROR
What it means
The browser tried to start an HTTPS handshake with your server, and the handshake failed before any HTTP traffic was exchanged. This is almost always a TLS configuration issue on the server side.
Common causes: (1) no cert installed, only HTTP; (2) cert is self-signed or expired; (3) cert is for a different domain; (4) server only supports TLS 1.0/1.1, browsers require 1.2+; (5) server returned plain HTTP on port 443.
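What the "invalid response" can look like on the wire, as an added example that is not part of the original page: the function below classifies the first bytes a server sends back on port 443, separating plain HTTP (cause 5) from a TLS alert or a normal ServerHello. The function name and the sample byte strings are constructed for illustration; it assumes you already have those first bytes, for example from a packet capture.

```python
import struct

# TLS record content types and a few alert descriptions (RFC 5246, RFC 6066).
HANDSHAKE, ALERT = 22, 21
ALERTS = {40: "handshake_failure", 70: "protocol_version", 112: "unrecognized_name"}
HTTP_PREFIXES = (b"HTTP/", b"<!DOCTYPE", b"<html")

# Constructed sample replies (not captured from a real server).
SAMPLES = {
    "http_on_443": b"HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n",
    "version_alert": bytes.fromhex("15030100020246"),     # fatal alert 70
    "sni_alert": bytes.fromhex("15030300020270"),         # fatal alert 112
    "server_hello": bytes.fromhex("160303004a020000460303"),  # start of a ServerHello
    "closed": b"",
}

def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes a server sends after a ClientHello on port 443."""
    if not data:
        return "no-response: connection closed or reset before any reply"
    if data.startswith(HTTP_PREFIXES):
        return "plain-http: server answered with HTTP on the TLS port"
    if len(data) < 5:
        return "unknown: too short to be a TLS record"
    # Record header: content type, legacy version (major, minor), payload length.
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if major != 3 or minor > 3:
        return "unknown: not a TLS record header"
    if ctype == ALERT and length == 2 and len(data) >= 7:
        # Alert payload is two bytes: level, then description.
        return "tls-alert: " + ALERTS.get(data[6], f"alert_{data[6]}")
    if ctype == HANDSHAKE and len(data) >= 6 and data[5] == 2:
        return "tls-server-hello: handshake started, check the certificate next"
    return "unknown: unexpected TLS record"

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:14} {classify_first_bytes(raw)}")
```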
The fix
# What does the server actually serve?
# (</dev/null closes stdin so the command exits after the handshake instead of waiting for input)
openssl s_client -connect yoursite.com:443 -servername yoursite.com </dev/null
# Look for:
# - Verify return code: 0 (ok) ← good
# - Subject CN matches your domain
# - Protocol: TLSv1.2 or TLSv1.3
# - Notable: "self signed certificate" or "certificate has expired"
Also check
Common adjacent root causes when the obvious fix doesn’t work.
- Is the cert actually installed? On Vercel/Netlify it’s automatic; on a custom server, use Let’s Encrypt via Caddy or Certbot.
- Did the cert expire? Look in your hosting dashboard or run the openssl command above.
- Are you serving the right cert for the right hostname? SNI mismatches cause this often.
- Does your server allow TLS 1.2+? Disable TLS 1.0 and 1.1.
FAQ
Frequently asked questions
- Why does Chrome show this but Safari shows a different error?
- Browsers wrap TLS errors in their own error codes. Chrome → ERR_SSL_PROTOCOL_ERROR. Safari → "Safari Can’t Verify the Identity". Firefox → SSL_ERROR_NO_CYPHER_OVERLAP. Same root cause: TLS handshake failed.
- I got a free Let’s Encrypt cert but it still fails. Why?
- Likely the cert wasn't fully installed. Run openssl s_client and check the chain. Or your reverse proxy (nginx, Caddy) didn’t reload after the cert was issued.