Telecom Italia (ISP) and certificate recognition issues

My domain is:
My web server is (include version): 2.4.10-10+deb8u8
The operating system my web server runs on is (include version): Release: 8.5 - Codename: jessie

Hi friends, happened to me a curious thing:

only with Internet connection Telecom Italia Business ((for the moment), and (for the moment too) only for one domain ( Firefox seem unable to fetch the the right certificate. And this is manifested with the traditional Firefox warnng of insecure navigation.
If I run Firefox with a different ISP the problem goes.

Have you still had similar situations?

many thanks


The problem is NOT with the cert, nor the server config:

openssl s_client -connect -servername
openssl s_client -connect -servername none

both return a certificate with "subject=/"
and SAN =



My only advice is to add server cipher order preference to minimize the possibility of weak/insecure cipher negotiation (or remove all weak/insecure ciphers).

Ghh… could you explain better for me (that I’m little more than a newbie…) what you mean by your hints? How I could change the server cipher order?

Still relatively to telecom, today I felt the assistance and the first level technician confirmed me a geographic problem to their network, but did not tell me anything more…

Many thanks for your kind help Rudy!

Without knowing which web server is in use:

I can only guess, it might be Apache.

So, for Apache see: "SSLHonorCipherOrder On"
And you can also review this page for more detail:

And you can check your system anytime at:

…hoops, sorry, Apache2! :innocent:

Many thanks fro your hints, very very useful!!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.