使用 LetsEncrypt 和 Nginx 时出现 SSL 错误

我使用 certbot 和 LetsEncrypt 配置了我的 Nginx 服务器。操作系统是 Ubuntu 16.04，过程中没有出现任何错误，但是当我从浏览器访问它时，它会显示以下错误：在 Firefox 中：

安全连接失败 连接到 hamclassy.ir 时发生错误。无法与对方安全通信：没有通用加密算法。错误代码：SSL_ERROR_NO_CYPHER_OVERLAP

在 Chrome 中：

此站点无法提供安全连接 hamclassy.ir 使用不受支持的协议。ERR_SSL_VERSION_OR_CIPHER_MISMATCH

我的 Nginx 配置是：

server {
  listen 80 default_server;
  listen [::]:80 default_server ;#ipv6only=on;

  server_name hamclassy.ir;
  root /var/www/hamclassy;
  index index.html;

  location /test.html {
    alias /var/www/hamclassy/test.html;
  }

  listen [::]:443 ssl ;#ipv6only=on; # managed by Certbot
  listen 443 ssl; # managed by Certbot
  ssl_certificate     /etc/letsencrypt/live/hamclassy.ir-0002/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/hamclassy.ir-0002/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

--- 已编辑 --- 这是我的 options-ssl-nginx.conf 文件：

# This file contains important security parameters. If you modify this file
# manually, Certbot will be unable to automatically provide future security
# updates. Instead, Certbot will print and log an error message with a path to
# the up-to-date file that you will need to refer to when manually updating
# this file.

ssl_session_cache shared:le_nginx_SSL:1m;
ssl_session_timeout 1440m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";

-----已编辑 -------

当我想要通过 OpenSSL 连接时出现错误

 # openssl s_client -connect hamclassy.ir:443 -tls1_2
CONNECTED(00000003)
139650936854168:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:362:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1522776319
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

和

openssl s_client -connect hamclassy.ir:443
CONNECTED(00000003)
140618586904216:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1522782522
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---