Error 35: error:0A000102:SSL routines::unsupported protocol

This error indicates that the SSL/TLS connection failed because the server and client could not agree on a supported protocol version.

It typically occurs when the server only supports outdated SSL/TLS versions that are no longer accepted by modern clients.

What causes this error?

The error occurs when:

The server only supports deprecated protocols such as:
- SSLv2
- SSLv3
- TLS 1.0
- TLS 1.1
The client enforces modern security standards (TLS 1.2 or TLS 1.3)
There is no overlap between supported protocol versions

Modern OpenSSL versions (especially 1.1.1+ and 3.x) disable older protocols by default.

Outdated protocols are considered insecure due to known vulnerabilities, including:

For this reason, modern clients refuse to connect using these protocols.

The correct fix is to update the server configuration to support modern TLS versions.

Ensure your server supports at least:

For Nginx:

ssl_protocols TLSv1.2 TLSv1.3;

For Apache:

SSLProtocol TLSv1.2 TLSv1.3

Apply the changes:

systemctl restart nginx

systemctl restart apache2

When HetrixTools encounters this issue during SSL monitoring, it will log the following error in your Location Fail Log:

Error 35: error:0A000102:SSL routines::unsupported protocol

This means the monitored endpoint does not support modern TLS protocols and needs to be updated.

This issue is server-side and must be fixed on the server being monitored
Updating client software alone will not resolve the issue if the server only supports outdated protocols
Most modern hosting providers already support TLS 1.2+ by default

This error occurs when the server only supports outdated SSL/TLS protocols. The proper fix is to enable TLS 1.2 or newer in the server configuration.