The error occurs in case the port a client is trying to connect to is opened on the server, but there is no certificate configured properly on the server’s side for this port.
For more detailed information you can check connection using openssl: openssl s_client -connect yourdomain.tld:*port* (for example: openssl s_client -connect ssl-certificate.com:443) There should be an output like the one below: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:766:
As you can see, in fact, the connection is established, however a handshake failed due to the absence of a certificate configured for the port. You can also find details about such kind of a failed connection using a network analyzer like wireshark:
As you can see this error is considered as a bad request from a client’s side, since the requested certificate is not configured on the server. You may encounter this error with Apache, nginx or similar web servers. The issue is usually related to the incorrect VirtualHost record or in case a VirtualHost record is specified in the configuration file which is not listened by the webserver. Fox example, in case of Apache the error will show up in Firefox if you have a line “Listen 443” in your VirtualHost file without an actual VIrtualHost record for port 443 or in case the record for port 443 is incorrect. If you are not sure, how to deal with OpenSSL, VirtualHosts or just don’t have root access on your server, please ask your web-host provider for assistance.