SSL Error
Hello
SSL is not work on one of my domain
I tried different methods but the problem didn't work out
I get Time out error
Http is ok.
for exp :
recreate account, reissue certificate ,...
When I move to another server, everything is OK
How Is possible Remove all of Cache in Server for this one?
Thank you
Best regards
-
Hello, When you attempt to access a domain that has a valid SSL you receive the timeout? What is the output of the following: curl -vvI https://domain.tld
Ensure you remove any actual domain names and IP addresses from the output0 -
Hello, When you attempt to access a domain that has a valid SSL you receive the timeout? What is the output of the following:
curl -vvI https://domain.tld
Ensure you remove any actual domain names and IP addresses from the output
Hello Thanks for your reply Output is :curl -vvI https://nik.... * About to connect() to nika... port 443 (#0) * Trying 5....... * Connected to ni.....com (5....) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: * subject: CN=nik.... * start date: Mar 30 00:00:00 2020 GMT * expire date: Jun 27 23:59:59 2020 GMT * common name: nik.... * issuer: CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB > HEAD / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: ni... > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK < Connection: Keep-Alive Connection: Keep-Alive < X-Powered-By: PHP/7.2.28 X-Powered-By: PHP/7.2.28 < Content-Type: text/html; charset=UTF-8 Content-Type: text/html; charset=UTF-8 < Date: Tue, 31 Mar 2020 21:37:57 GMT Date: Tue, 31 Mar 2020 21:37:57 GMT < Alt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 Alt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 < * Connection #0 to host ni.... left intact0 -
Hello, There was no timeout here and the domain was retrieved successfully with a valid SSL. You can see this by the following: SSL info: * Server certificate: * subject: CN=nik.... * start date: Mar 30 00:00:00 2020 GMT * expire date: Jun 27 23:59:59 2020 GMT * common name: nik.... * issuer: CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Apache Response:< HTTP/1.1 200 OK HTTP/1.1 200 OK
Is the IP that's returned the same as the IP of the server where it's not working? Are you using any firewall software? Did you run this curl request from the server or outside the server? IF run from the server please run it from another location that is remote to the server.0 -
The previous result is from the same server that is hosted. Yes I use a firewall and imunify360 The following result is from another server: curl -vvI https://nika... * About to connect() to nik.... port 443 (#0) * Trying 5..... * Connected to ni.... (5.9...) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -5961 (PR_CONNECT_RESET_ERROR) * TCP connection reset by peer * Closing connection 0 curl: (35) TCP connection reset by peer
SSL is not work just work http:curl -vvI http://ni... * About to connect() to ni... port 80 (#0) * Trying 5.9.... * Connected to nik... (5....) port 80 (#0) > HEAD / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: nik... > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK < Connection: Keep-Alive Connection: Keep-Alive < X-Powered-By: PHP/7.2.28 X-Powered-By: PHP/7.2.28 < Content-Type: text/html; charset=UTF-8 Content-Type: text/html; charset=UTF-8 < Date: Wed, 01 Apr 2020 19:32:49 GMT Date: Wed, 01 Apr 2020 19:32:49 GMT < * Connection #0 to host nika... left intact
@cPanelLauren0 -
With the firewall disabled does the request continue to fail? The error PR_CONNECT_RESET_ERROR almost always indicates a firewall related issue 0 -
With the firewall disabled does the request continue to fail? The error PR_CONNECT_RESET_ERROR almost always indicates a firewall related issue
Hi @cPanelLauren I disabled the firewall and the Imunify360 but the problem was not resolved0 -
I'd strongly urge you to contact your hosting provider to ensure that there isn't something network related occurring. I'm able to perform a curl request to the server over 443 without issue using the IP address (I can see the pre-edited posts) 0 -
I'd strongly urge you to contact your hosting provider to ensure that there isn't something network related occurring. I'm able to perform a curl request to the server over 443 without issue using the IP address (I can see the pre-edited posts)
Hi @cPanelLauren Thank for your reply This problem only applies to 3 domains No problem for other domains on the same network (https|443)0 -
That's different then. The https request for those domains should be no different than the one being performed for the working domains on the same server. There has to be a configuration difference occurring for those domains. Because I can't look at the server and we don't promote the use of real domain names on the forums I'd advise you to open a ticket to have this investigated further. 0 -
That's different then. The https request for those domains should be no different than the one being performed for the working domains on the same server. There has to be a configuration difference occurring for those domains. Because I can't look at the server and we don't promote the use of real domain names on the forums I'd advise you to open a ticket to have this investigated further.
@cPanelLauren Hi Thanks for your reply I will open an Ticket soon, Can you please Tell me what's Configuration should i check? Thank you very much0 -
I think my first stop would be ensuring that you're not cached, if you haven't checked that already, the .htaccessfiles associated with those domains as well as any apache includes. 0 -
I will also note that I was able to view the site (based on an IP lookup of the IP prior to your removing it) over https without issue. See the curl request below as well: # curl -vvI https://nikaxxxxxx.com * About to connect() to nikaxxxxxx.com port 443 (#0) * Trying 5.9.xx.xx... * Connected to nikaxxxxxx.com (5.9.xx.xx) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: * subject: CN=www.server.nikaxxxxxx.com * start date: Mar 26 20:01:10 2020 GMT * expire date: Jun 24 20:01:10 2020 GMT * common name: www.server.nikaxxxxxx.com * issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US > HEAD / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: nikaxxxxxx.com > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK < Connection: Keep-Alive Connection: Keep-Alive0 -
I think my first stop would be ensuring that you're not cached, if you haven't checked that already, the .htaccessfiles associated with those domains as well as any apache includes.
I'm use LiteSpeed Plugin,That may be the problem? The problem is very strange Port 443 does not work for these 3 domains only for some locations Like Turkey, Dubai, Iran But for the United States, Germany, etc., port 443 is available without any problems0 -
This sounds a lot like a firewall issue, I don't know of anything that would cache the site for specific countries and not for others, furthermore, I'm unaware of anything but a firewall that would employ restrictions based on the country 0
Please sign in to leave a comment.
Comments
14 comments