The error occurs in case the port a client is trying to connect to is opened on the server, but there is no certificate configured properly on the server’s side for this port.
openssl s_client -connect yourdomain.tld:*port*
(for example: openssl s_client -connect ssl-certificate.com:443)
There should be an output like the one below:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:766:
You can also find details about such kind of a failed connection using a network analyzer like wireshark:
You may encounter this error with Apache, nginx or similar web servers. The issue is usually related to the incorrect VirtualHost record or in case a VirtualHost record is specified in the configuration file which is not listened by the webserver.
Fox example, in case of Apache the error will show up in Firefox if you have a line “Listen 443” in your VirtualHost file without an actual VIrtualHost record for port 443 or in case the record for port 443 is incorrect.
If you are not sure, how to deal with OpenSSL, VirtualHosts or just don’t have root access on your server, please ask your web-host provider for assistance.
