Compare this: Disabling deprecated TLS cipher suites during validation
And this: https://www.ssllabs.com/ssltest/analyze.html?d=www.blanchcentrehistory.com
Your best option is to enable better cipher suites: ssl-config.mozilla.org
Alternatively, don't redirect the challenge on HTTPS.