The domain in question is https://prophpbb.com
The certificate previously worked without issue. There have been no recent changes or cPanel updates. When trying to debug, the ssl cert being requested is clearly not what I have installed. In fact, it looks empty aside from some cryptic stuff, like the issuer email (see point 2). I suspect there might be DDoS mitigation going on either with HostDime, my datacenter, or globalsign, but I'm really spitballing at this point. I'm basing that on these findings:
- I can't ping prophpbb.com, but I can ping addaforum.com (on same server)
- SSL error returns net::ERR_CERT_AUTHORITY_INVALID and when I inspect the certificate, the issuer email is shown as: protect@DDoS-Filter.domain and the domain it's supposedly returning is "server" which is obviously not correct. The cert is issued by globalsign through the alphassl reseller ssl2buy.
What I have done to try to resolve this: 1. revoke the original certificate and reinstall it 2. rebuild cPanel's SSL cache via /scripts/rebuildinstalledssldb 3. restart apache 4. update cPanel from v60 to v62 5. disabling the software firewall (CSF)
I cannot find anything on Twitter regarding a globalsign outage. I put in a ticket at ssl2buy and at HostDime for good measure. Can you help me to understand what this issue is attributed to?
*edit - received a reply from HostDime. This was, indeed, caused by their DDoS mitigation. They resolved it quickly.
