Website stop working after few hours since SSL installation

Hi,

I’m making a website on Prestashop and I’m hosting it on my own server (Apache 2 - Debian 8). I installed a SSL certificate with Certbot and everything was working fine. I had to enable SSL and force redirection of all http to https in Prestashop and everything was working after (all website pages were https).

Problem is it only works for few hours (about 3 hours). After that I’m unable to reach the website (FrontEnd and BackEnd). To solve it, I have to restart the router of my server to make it work again for few hours.

I’m stuck with this problem and I dont know where to start or look.

If you have any idea what it could be or where to look I would really appreciate some help!

Thank you and sorry for my English it’s not my first language.

This is interesting.
You restart the router and it works… for only a few hours?
Do you also have to restart your web server too?

Yes I did. First, I was trying to change some settings to make sure port 443 is open in the Cisco Control Panel. If I enable it and save config, it start working again but only for few hours. After It stopped working, I tried disable it and the website started to work fine again. So, I realised what I was doing made no real effects… It was the Save that would make it work again (it probably restart the server or refresh it, im not sure).

I never had that problem before installing SSL certificate. I ran many tests on some websites to see if the config looks OK and all websites says everything is fine (When the website works). However, when the website stop working, I run those tests again and it looks like the SSL certificate cant be found…

Do you have some specific error messages or log files?

I looked in the apache2 error log and I couldnt find anything suspicious…

What cron jobs are you running?

How about on the client side? What happens when you try to access the site?

I get a Chrome warning first :

NET::ERR_CERT_COMMON_NAME_INVALID

After redirecting to the website ( after ignore warning):

Can’t reach

Can you tell us the domain name?

I dont think it has a link with Crons (I run every morning some cron to update products stock, prices, etc)

Sometimes it stops working during the day

Sent you a private message

Based on the private message you sent, I was able to see the site working at one time and then later stop working. When it stops working, a different device is answering connections on port 443 and it serves an untrusted self-signed certificate in the name of

0 s:/CN=192.168.1.108/C=CN/ST=ZHEJIANG/L=HANGZHOU/O=DAHUA/OU=DAHUATECH i:/CN=Product Root CA/C=CN/ST=ZheJiang/L=HangZhou/O=DahuaTech

That shows the manufacturer of the device that is answering these connections, so I guess you need to figure out where it is, what it is, and why it interposes itself into the connection (only after some delay). It could, for example, potentially be some kind of network router or firewall.

By the way, we really discourage people on the forum from sharing the domain name via private message because domain names get revealed publicly in your certificate, and if you share it with everyone on the forum, there are more people who will be in a position to do their own tests and potentially help you resolve the problem.

It looks like this is the manufacturer in question

so presumably someone has one of their devices on the network, and there’s something strange about the device itself or about a route or port forward upstream of it.

change the password and restart the router.

Thank you! I found the device with Spiceworks Ip Scanner and I disabled it, ill see if the website is still up in few hours. I’m pretty sure you solved my problem!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.