Cannot Establish TSL/SSL Connection with Cloudflare
If a domain cannot establish a TSL/SSL connection when using Cloudflare, it is likely because Cloudflare requires a Server Name Indication (SNI) at the virtual host level, in addition to the listener level.
You may see the following notice in your Chrome or Firefox browser:
The site can't provide a secure connection example.com users an unsupported protocl ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Or, you may see this:
Secure Connection Failed An error occurred during a connection to example.com. Peer reports incompatible or unsupported protocol version. Error code: SSL_ERROR_PROTOCOL_VERSION_ALERT
Solution
Add SSL key/certificate configuration at vhost level under the SSL tab. Even if the configurations are identical, CloudFlare requires SNI to be set at both the virtual host level and the listener level. Do so, and the problem should go away.