0

I recently installed a couple SSL certificates on a few domains, and generally they work, but whenever I switch IP addresses I get an ERR_CONNECTION_CLOSED error. If I refresh a few times, it will switch to SSL_VERSION_INTERFERENCE for one refresh, then work the next time, and all following loads until I change IPs again. This makes me believe it's some kind of caching error, but I'm not exactly sure where to look.

We are currently running Apache 2.2.15 (Nothing related in the error logs) on two servers behind an HTTPS load balancers. The LetsEncrypt certificates were generated on one server, and rsync'd to the other. I have two certificates per domain (with and without www., and a corresponding VirtualHost for each)

UPDATE: It appears that only one server attached to the load balancer was closing the connections. I removed that server from the balancer for the time being and all connections are being accepted. However the server denying the connections is the one that the certificates were generated on, not the one that got rsync'd to.

Paul
  • 1
  • 2
  • 1
    How are your load balancers handling HTTPS, then? – Michael Hampton Feb 13 '19 at 05:22
  • @MichaelHampton Currently there are two load balancers while we migrate to https. One handles only https connections, and the certificates are held on the servers – Paul Feb 13 '19 at 05:26
  • Your load balancer doesn't terminate TLS? How is it configured? – Michael Hampton Feb 13 '19 at 05:28
  • @MichaelHampton no it doesn't, with rackspace balancers you can either have a mixed 80/443 balancer that terminates at the load balancer itself, but they only allow it to hold one certificate. The other option is a load balancer that only takes in traffic on 443 and sends it straight to the server where the validation is done. The domains that currently have certificates are pointed to the 443 balancer, everything else goes to the one handling http. – Paul Feb 13 '19 at 05:33

0 Answers0