How can I fix the "This site can’t provide a secure connection" error I get after setting a custom domain in Azure Static Web Apps?

Henry S 5 Reputation points
2023-09-17T02:30:27.1333333+00:00

I follow the instructions here: https://learn.microsoft.com/en-us/azure/static-web-apps/custom-domain-external

Domain validated (www and root domain). But still cant access site. https://hsnyc.co

It shows the following error:

This site can’t provide a secure connection 
hsnyc.co
ERR_SSL_VERSION_OR_CIPHER_MISMATCH

More details:
Unsupported protocol
The client and server don't support a common SSL protocol version or cipher suite.

Is there a problem with the SSL cert? How do I troubleshoot cert related issues in Azure? and How can I check the status of the SSL cert?

Thank you.

Azure Static Web Apps
Azure Static Web Apps
An Azure service that provides streamlined full-stack web app development.
928 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Tushar Kumar 3,326 Reputation points MVP
    2023-09-17T06:38:42.73+00:00

    SWA managed certificate automatically provides this TLS/SSL server certificate its fully managed and is automatically renewed continuously in six-month increments, 45 days before expiration.

    As I can see in your Site now it is using SSL its just intially binding was taking time.

    Please "Accept as Answer" if this helps

    1 person found this answer helpful.
    0 comments No comments

  2. Henry S 5 Reputation points
    2023-09-21T02:14:23.93+00:00

    After some troubleshooting I discovered an A record in my registrar DNS settings that was still pointing to my old host. This was causing the error with the domain. After deleting this record the SSL cert error stopped.

    Thank you both for your assistance.

    1 person found this answer helpful.
    0 comments No comments

  3. SnehaAgrawal-MSFT 21,506 Reputation points
    2023-09-18T15:27:01.0933333+00:00

    @Henry S Thanks for reaching here! There was similar issue previously on GitHub

    After diving further into this, it turns out that the ISP had blocked the domain due to phishing concerns.
    If you are hitting SSL_PROTOCOL_ERROR or hitting DNS issues when reaching the default hostname of your SWA, you may need to contact your ISP to allowlist your domain as they may have incorrectly flagged it.

    Let us know if issue remains.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.