Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kajlasunil
Staff
Staff

Created on ‎01-02-2023 10:25 PM Edited on ‎01-03-2023 06:26 AM

Article Id 241702

Technical Tip: Unsupported protocol during HTTPS access: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Description

This article describes the unsupported protocol during HTTPS access: ERR_SSL_VERSION_OR_CIPHER_MISMATCH 
Scope FortiGate.
Solution

The issue appears when a user is trying to get HTTPS access to FortiGate even if HTTPS and SSH access is allowed on the port.

 

Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH 

 

kajlasunil_0-1672687934777.png

 

This error occurs when the client and server do not support a common SSL protocol version or use an old TLS version.

 

Related document:

https://community.fortinet.com/t5/FortiCache/Technical-Tip-Low-Encryption-LENC-device-FAQ/ta-p/19032...

 

To check the TLS version configured in the FortiGate use the below command:

 

# sh full system global | grep tls

    set admin-https-ssl-versions tlsv1-1

 

Config admin-https-ssl-versions to support more TLS protocols

 

# config system global

    set admin-https-ssl-versions tlsv1-2

end

 

It is possible now, to try to access the GUI again:

 

kajlasunil_1-1672687934780.png
4745
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.