After I added a custom domain to my app, when I visit that domain it shows me a SSL version or cipher mismatch error.

This site can’t provide a secure uses an unsupported protocol.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
4 answers

This can happen when the CNAME isn’t yet configured before adding it to app. Our TLS certificate issuer caches the NXDOMAIN (not found) DNS record, and the TLS certificate issuing is delayed. Normally it resolves automatically once the NXDOMAIN cache expires in about 30 minutes.

  • At least for me this only happens when using DigitalOcean Domains, when I tried with CloudFlare it worked flawlessly. It would be nice to mention that it needs to be added before adding it to the app though. Saves a lot of headaches.

    Edit: it’s been quite a while since I added the domain, and I’m still receiving ERR_SSL_VERSION_OR_CIPHER_MISMATCH

I have the same problem,
Many hours, and the problem persist. :(

I made the error of adding the custom domain before the DNS entry was refreshed (due to TTL time). I’ve destroyed custom domain and added it again and now it works.

I seem to have the same issue. What I want to do is point a subdomain to my DO app.

Added a new app (the feature is great btw!), deployed it, and then added a new CNAME entry to my DO networking (DNS is managed by DO).

What did I do wrong here?

  • 👋 @Trunksome

    Submitting the CNAME in App Platform before adding the record in the DO networking tab causes App Platform to register the domain with CloudFlare before it exists. There is a 30 minute TTL on this record then your domain will start working.

    However, as a workaround you can remove the custom domain, let your app deploy, then re-add the custom domain and it should start working almost instantly.

    We are currently working on enhanced domain support that should fix this confusing workflow.

  • I have the exact same issue… Domain is showing the “Configuring” status but nothing changes (for hours and hours). Resubmitted like 5 times now - nothing seems to work. Quite frustrating.

    I have another domain that’s set up similarly in digital ocean networking and there it works. And with external DNS servers it also works.

    • I also have the issue. It seems it has not been addressed. Using Google Domains/DNS. Tried various permutations all day long. It shouldn’t be this difficult.

      It would be good to be able to see some logs re: status of SSL cert and dns provisioning.