Website failed to load after using lets Encrypt SSL


#1

Hello,

I recently find your website and your service is very interesting.

I start to test your certificate at my sub-domain with your certificate and I’m using Debian 8.10 with Apache2 configured
every thing works fine except some times my website is not loaded at all and my client got The connection has timed out Error
that error will be fixed automatically and i don’t know how !!!
during connection timeout error i have access to server via ssh and http
there is no error on my apache error log

Any one have an idea about this issue?
Thanks

My domain is: mail.kayer.co.ir

root@mail:~# ./certbot-auto --version
certbot 0.31.0


#2

Hi @alux

checking your website via https://check-your-website.server-daten.de/?q=mail.kayer.co.ir there is a curious error:

ir

Your nameservers are very buggy. The ip address is non-authoritative, so the nameservers didn’t answer.

Must check why nothing is shown.

But the ir zone is sometimes buggy, perhaps same with the co.ir zone. a.nic.ir is bad.

Checked your nameserver, this is ns1.kayer.co.ir.

So the users don’t find an ip address.


#3

And even thou it lists two names:
kayer.co.ir nameserver = ns1.kayer.co.ir
kayer.co.ir nameserver = ns2.kayer.co.ir

BOTH NAMES ARE SAME IP:
ns1.kayer.co.ir internet address = 77.238.120.28
ns2.kayer.co.ir internet address = 77.238.120.28
[not enough eggs nor baskets]

If you don’t expect to change your mailserver IP anytime soon, you might see some improvement by increasing the 900 TTL to a much bigger number (like 86400 - one day).


#5

Hi,
Thanks for your replay
but I do not agree with you, because during my connection timeout error
my clients have access to http website and also nslookup shows everything fine
so the problem is not related to DNS issue at all


#6

Are those clients accessing http while unable to access https?

This is relative to your DNS system and you would need to check it from a global perscpective.
Try using something like this when having the trouble: https://www.whatsmydns.net/


#7

Problem was related to our firewall misconfiguration
Thanks for your support.


closed #8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.