Encryption works for a short time, but then it doesn't

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: diseasemonitor.semrdemo.com

I ran this command: browser access of site shows not secure. It did work correctly for a few minutes. I didn't change anything in the meantime.

It produced this output: not secure

My web server is (include version): apache2 2.4.54

The operating system my web server runs on is (include version):Ubuntu 22.04

My hosting provider, if applicable, is: linode

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.29.0

Hello @rogers , and welcome to the LE community forum :slight_smile:

It seems like this is a DNS issue; no DNS records for diseasemonitor.semrdemo.com nor semrdemo.com
DS Lookup - Check DNS DS Records of a Domain
DS Lookup - Check DNS DS Records of a Domain

Scratch that I was using the wrong tool :hushed:

Certificate Transparency logs looks fine.

2 Likes

Hmm. Must be an issue with godaddy. I set this up hours ago. Thank you. At least now I know where to look.

Will I need to reinstall the certs once DNS is working properly?

3 Likes

I don't see the same DNS problem that Bruce describes.

I connect just fine using both http and https to that domain name.

What I do see is that you accept connections on http where you should be redirecting those to https. Could the problem you see be related to not using https:// specifically?

4 Likes

Of course, I've tried that a number of times and seen failures. But just now when I did, all is working correctly. I'm going to start drinking early today :slight_smile:

1 Like

Sorry I messed up; used the wrong tool. :hushed:

3 Likes

You should redirect http requests to https. Who or how did your Apache config get updated?

curl -I http://diseasemonitor.semrdemo.com
HTTP/1.1 200 OK
Date: Thu, 04 Aug 2022 14:45:35 GMT
Server: Apache/2.4.54 (Ubuntu)
Upgrade: h2,h2c
(other headers omitted)
4 Likes

I did that.
Will correct it now.

2 Likes

SSL Labs test good SSL Server Test: diseasemonitor.semrdemo.com (Powered by Qualys SSL Labs)

2 Likes

Hmm. My rewrite was there. servername was incorrect.

2 Likes

Using Redirect Checker | Check your Statuscode 301 vs 302 with http://diseasemonitor.semrdemo.com
I does not show any redirect.

1 Like

I just corrected is 20 seconds ago.

4 Likes

Yeah, I see it redirect fine.

curl -I http://diseasemonitor.semrdemo.com
HTTP/1.1 301 Moved Permanently
Date: Thu, 04 Aug 2022 14:55:35 GMT
Server: Apache/2.4.54 (Ubuntu)
Location: https://diseasemonitor.semrdemo.com/
4 Likes

Thank you guys. Your help was greatly appreciated.

5 Likes

Yes you did as shown here:

2 Likes

I can se it. Looks good to me.

3 Likes