My SSL stop working after few Minutes since SSL installation

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: metizapps.com

I ran this command:

It produced this output:

My web server is (include version): Apache2

The operating system my web server runs on is (include version): ubuntu14.04

My hosting provider, if applicable, is: AWS (Amazon)

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

My SSL stop working after few Minutes since SSL installation. Please let me know if you need more detail. Right now I have removed letsencrypt because its stopped my site

Hi @jaydip.kansagra

you have some Letsencrypt certificates ( https://check-your-website.server-daten.de/?q=metizapps.com#ct-logs ):

CertSpotter-Id Issuer not before not after Domain names LE-Duplicate next LE
972804569 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-18 04:14:28 2019-09-16 04:14:28 metizapps.com, www.metizapps.com - 2 entries duplicate nr. 1
950178073 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-05 04:17:26 2019-09-03 04:17:26 metizapps.com, www.metizapps.com - 2 entries
950162258 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-05 04:05:53 2019-09-03 04:05:53 metizapps.com, www.metizapps.com - 2 entries
950142181 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-05 03:53:09 2019-09-03 03:53:09 metizapps.com, www.metizapps.com - 2 entries
950126586 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-05 03:42:23 2019-09-03 03:42:23 metizapps.com, www.metizapps.com - 2 entries
951202438 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-06-05 03:04:53 2019-09-03 03:04:53 metizapps.com, www.metizapps.com - 2 entries

One is new, five are from 2019-06-05, looks like you have hitted the limit.

But you don't use it, instead there is another certificate

CN=metizapps.com
	17.12.2018
	17.01.2020
expires in 213 days	metizapps.com, *.metizapps.com - 2 entries

from Amazon. And the chain is wrong:

Chain - too much certificates, don't send root certificates	
	1	CN=metizapps.com
	2	CN=Amazon, OU=Server CA 1B, O=Amazon, C=US
	3	CN=Amazon Root CA 1, O=Amazon, C=US
	4	CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, C=US, ST=Arizona

You use the certificate - Grade E. There are some older checks with Grade T, https didn't answer.

That’s a certificate issued and controlled by AWS – probably on an ELB? I don’t think there’s any way to control how Amazon configures the chain. It’s inefficient, but valid and probably very backwards compatible.

@jaydip.kansagra, when you say the certificate will “stop working”, what do you mean? Do you get an error message? If so, what is it? What’s generating it?

Are you configuring a Let’s Encrypt certificate on Apache or what?

Hello @JuergenAuer

I did try to install letsencrypt SSL but every time I got the issue (SSL stop working after few minutes )

Is there any request limit? because this domain / server have lots of requests.

Your question : when you say the certificate will “stop working”, what do you mean? Do you get an error message? If so, what is it? What’s generating it?
Answer : Stop working mean : SSL not connect after few minutes

  1. Do you get an error message?
    Ans : No, its just time out, Not shake hand with SSL

Please let me know if you have any suggestion on this.

Thanks,
Jaydip Kansgra

1 Like

You can use Letsencrypt. But you don't use it. And you don't need 5 identical certificates in one week. So there is a rate limit. Create one certificate, then use it 60 - 85 days.

I don't understand that problem. That is only a local installation problem, that has nothing to do with Letsencrypt. If the certificate is created and downloaded, Letsencrypt is done.

Sounds like a special problem in your application. So changing the certificate -> the application crashes or is stopped.

Hello @JuergenAuer

Its same like : Website stop working after few hours since SSL installation

Interesting, thanks to share that old topic.

There answered another instance, you have a timeout. Timeouts are terrible - no answer.

But now, I have no idea how to debug that. If there is a timeout, is your server running?

Yes, My server is running with AWS SSL, but right now there is no letsencrypt SSL certificate in my server. Do I need to re-install letsencrypt SSL so you can get better idea about this issue.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.