The client machine is negotiating a version of TLS/SSL that is not acceptable for a specific website. (Security reasons, interoperability with OCS, etc)
The following configuration is only applicable through CPL. There are no options for this in the VPM.
Acceptable Layer Types
<ssl> and <proxy> layers