How to fix SSL Handshake error in WordPress

Looking for a way to fix the SSL handshake error in your WordPress website?

While moving a WordPress site to SSL,  most of the time a user can face some unwanted errors. The SSL handshake error is one of them. In general, we use handshakes to greet someone. We also use a handshake to finalize an agreement. In online, The SSL handshake works in the same way.

When a device wants to access the data of a web server through a browser, both need to share encrypted keys and other details to make the connection so that they can exchange data. This process is called the SSL Handshake. During this handshake, both the server and the browser check their connection and SSL certificates to verify the connection.

Without this handshake, a secure connection won’t be established. Most of the users don’t want to visit pages that are not secured. So the website owner needs to have proper knowledge about the SSL handshake and its process.

So before investigating the SSL Handshake error let’s know the process to establish a secure connection.

SSL Handshake process

Here we are discussing the comment steps of an SSL handshake but depending on the version of SSL on the browser and server, the process may be a little different.

Step 1: Client hello

To transfer data first the client sends a request to the web server by a ‘hello message’. This hello message contains the cryptographic data with the SSL version and the algorithm it supports to communicate with others.

Step 2: Server hello

When the server gets the client’s hello message. it immediately verifies the request and response to the hello message. The response hello message also contains the algorithm it chooses and also its SSL certificate.

Step 3: The client verifies the server’s certificate

After getting the server response the client sends a different byte string to compute a secret key for encrypting communication.

Step 4: The server verifies the client’s certificate

If client authentication is required then this step only takes place.

Step 5: The client finished

The client’s finished message indicates that the client has done their part and is ready to communicate.

Step 6: The server finished

This indicates that the server has also done its part of this handshake.

The handshake process is done and now both the server and the browser can exchange data between them. If everything goes well those processes will happen. But what if it doesn’t go the right way?

What causes the SSL Handshake to fail

When the browser and web server aren’t able to establish a secure connection it shows an error message. The possible reasons for SSL Handshake errors are –

  • Wrong date or time on the client’s side
  • Browser-specific configuration sometimes causes the error
  • Intercepted connection by any third party
  • If the client and the server don’t support the same SSL version
  • If the certificate is invalid

Fix SSL Handshake error in WordPress

Fix the wrong date and time

When you see the SSL Handshake error message the first thing you need to do is check the client date and time. If the system time is incorrect on the client’s side then the SSL Handshake error happens. Because time is very important to check SSL validation. So start with the easiest step. If the system time is wrong then fix it. If the time is correct and still face the SSL Handshake issue then move on to the next steps.

Verify the SSL Certificate

The second thing you need to check when you face the error is to check your SSL Certificate validation. If there is any issue in your SSL certificate that can prevent the SSL Handshake. You also need to check that your SSL certificate is accurate. If the hostname is not correct it is not able to create an SSL Handshake. So you need to verify that your SSL certificate is valid and accurate

Change browser

Sometimes the browser causes the SSL Handshake error. The browser settings and third-party extensions may cause the issue. to verify that your browser is responsible for the SSL Handshake error, just switch to another browser. If no error is found on another browser then your browser is the reason.

Try to reset the browser settings get back to the default settings of the browser and recheck. You can also disable the third-party extension and enable it one by one to check which extension causes the error. If the error happens after changing the browser, follow the next steps.

Sometimes the browser SSL version doesn’t match the Server SSL version. In that case, it also shows the error message. So try to update the browser as most of the latest browsers support the TLS 1.2 version.

Add the server to allowlist

Sometimes the firewall will intercept the request for inspection and cause the SSL Handshake error. To check if the firewall is responsible or not, deactivate the firewall for some time and recheck.  If the error is solved, your firewall is the reason. However, deactivating the firewall is not the solution as it can increase the vulnerability attack. So you need to add the server to the allow list.

Follow the process to add the server to the allowlist in Google Chrome –

  • Navigate to Device > Chrome from the admin console
  • Settings> Users & browsers
  • Scroll to find the URL-blocking option
  • Add your server in the Blocked URL Exceptions field

When you are done click on the Save option to keep your changes.

Check the server and browser support the same Cipher Suits

If the server and client browser do not use the same Cipher Suits then it can also cause the SSL Handshake error. Without mutual Cipher Suites, the support browser won’t be able to establish a secure connection with the server. To check which Cipher Suits the browser and website support from the SSL Labs website.

To check which Cipher Suits the browser using go to the SSL Labs website and navigate to Projects > SSL Client Test.

 

Now go to the Protocol Features option to view which Cipher Suits your browser supports.

 

Similarly, from the Server Test option, you can check which Cipher Suits the server uses. 

Wrapping Up

SSL Handshake is very important for a secure data transfer process. So the users and website owners need to understand it properly.

Following the process, you will be able to identify the SSL Handshake error and fix the issue. You can see our other articles to learn How To Fix WordPress Mixed Content SSL Warning

How To Fix Common SSL Issues In WordPress

We hope this article will help you. If you like this article please like our Facebook page to stay connected.