====== Cannot Establish TSL/SSL Connection with Cloudflare ======
If a domain cannot establish a TSL/SSL connection when using Cloudflare, it is likely because Cloudflare requires a Server Name Indication (SNI) at the virtual host level, in addition to the listener level.

You may see the following notice in your Chrome or Firefox browser:
  The site can't provide a secure connection
  example.com users an unsupported protocl
  ERR_SSL_VERSION_OR_CIPHER_MISMATCH
  
{{:litespeed_wiki:config:cloudflare-sni-can_t_providesecureconnection.png?600|}}

Or, you may see this:
  Secure Connection Failed
  An error occurred during a connection to example.com. Peer reports incompatible or unsupported protocol version.
  Error code: SSL_ERROR_PROTOCOL_VERSION_ALERT
  
{{:litespeed_wiki:config:cloudflare-sni-secureconnectionfailed.png?600|}}

===== Solution =====
Add SSL key/certificate configuration at vhost level under the SSL tab. 
Even if the configurations are identical, CloudFlare requires [[https://www.cloudflare.com/learning/ssl/what-is-sni/|SNI]] to be set at both the virtual host level and the listener level. Do so, and the problem should go away.