How do I fix: 🛑 Root Causes of the Error?

The primary reason for this error is that your SSL/TLS protocol version is set to exclude newer protocols (TLSv1.2) while some browsers support it.Another possible cause could be a mismatch in the cipher suite used between your server and clients, but this seems less likely given your current config

How do I fix: 🚀 How to Resolve This Issue Update SSL/TLS protocol version?

Step 1: Open your Apache configuration file (usually /etc/apache2/apache2.conf) and update the SSLProtocol directive to include at least TLSv1.2.Step 2: Save the changes and restart the Apache service to apply the new configuration.Step 3: Verify that the updated protocol version is being used by ch

How do I fix: Update cipher suite?

Step 1: Check your current cipher suite and update it to a more modern combination (e.g., HIGH:MEDIUM:!aNULL:!MD5:!SSLv3:!SSLv2)!TLSv1.2)Step 2: Save the changes and restart the Apache service to apply the new configuration.Step 3: Verify that the updated cipher suite is being used by checking the O

Software⏱️ 3 min read📅 2026-06-15

How to Fix: I'm getting error: SSL3_GET_RECORD:decryption failed or bad record mac

Apache/2.4.26: SSL3_GET_RECORD:decryption failed or bad record mac error fix

Quick Answer: Check the OpenSSL version, update it if necessary, and ensure that the SSL/TLS protocol is set correctly in the Apache configuration.

📋 Table of Contents

🛑 Root Causes of the Error
🚀 How to Resolve This Issue
✨ Wrapping Up

The error: SSL3_GET_RECORD:decryption failed or bad record mac is occurring on your website, affecting users of Brave and Google Chrome. This issue causes intermittent errors, specifically the 'This site can’t provide a secure connection' message, which is frustrating for users.

This error occurs due to an incompatibility between the SSL/TLS protocol versions used by your server and those supported by certain browsers.

🛑 Root Causes of the Error

The primary reason for this error is that your SSL/TLS protocol version is set to exclude newer protocols (TLSv1.2) while some browsers support it.
Another possible cause could be a mismatch in the cipher suite used between your server and clients, but this seems less likely given your current configuration.

🚀 How to Resolve This Issue

Update SSL/TLS protocol version

Step 1: Open your Apache configuration file (usually /etc/apache2/apache2.conf) and update the SSLProtocol directive to include at least TLSv1.2.
Step 2: Save the changes and restart the Apache service to apply the new configuration.
Step 3: Verify that the updated protocol version is being used by checking the OpenSSL version output or using tools like OpenSSL s_client.

Update cipher suite

Step 1: Check your current cipher suite and update it to a more modern combination (e.g., HIGH:MEDIUM:!aNULL:!MD5:!SSLv3:!SSLv2)!TLSv1.2)
Step 2: Save the changes and restart the Apache service to apply the new configuration.
Step 3: Verify that the updated cipher suite is being used by checking the OpenSSL version output or using tools like OpenSSL s_client.

✨ Wrapping Up

To resolve this issue, update your SSL/TLS protocol version to include at least TLSv1.2 and ensure that your cipher suite is set to a more modern combination. This should resolve the intermittent 'This site can’t provide a secure connection' error for users of Brave and Google Chrome.

Did this fix your problem?

If not, try searching for specific error codes.

🔍 Search Error Database

❓ Frequently Asked Questions

🛠️ Related Fixes

How to Fix: Pc crashes shortly after launching game (rainbow

Fix Pc crashes shortly after launching game (rainbow six siege). Compl

How to Fix: Installing an APK on a locked down phone

Installing an APK on a locked down phone: Try using a rooted device, e

How to Fix: New PC build- no signal and no clue

Fix New PC build- no signal and no clue. Complete troubleshooting guid