Apache2 https timeouts

Discussion in 'General' started by schnere, Sep 18, 2024.

  1. schnere

    schnere New Member

    Yesterday my server started to have timeouts for web pages accessed over https.
    I had the same problem with default vhosts (443) as well as the ISPConfig backend (8443).
    So I started to debug the incident, disabled the firewall (ufw), restarted apache, restarted the server - nothing helped.
    Then I found out that everything was working fine through http - port 80.
    Furthermore I didn't see any timeout using curl, but I got timeouts using wget.
    So I tried to use wget directly on the server which was working fine.
    Then I tried to use forwarding through SSH which resulted in a timeout as well:
    Code:
    ssh -L 8443:localhost:8443 [email protected]
    After hours of debugging the error vanished by itself. During the night I got a message that a switch had to be exchanged in the datacenter, so I thought that was the cause.

    Today the same problem occurred again.
    Again a whole afternoon of debugging without any result and now everything is working fine again.
    There is one more thing I found out today: When I stop apache2 and run my own webserver like this, everything is working fine:
    Code:
    python3 -m http.server --bind 0.0.0.0 --certfile /etc/letsencrypt/live/web1.example.com/fullchain.pem --keyfile /etc/letsencrypt/live/web1.example.com/privkey.pem 443
    The server load was very low due to not working connections, so this also could not be the cause.
    Does anyone have an idea how I can find the cause of the problem to prevent this in future?



    ISPConfig version: 3.2.12p1
    Server: Ubuntu 24.04
     
  2. schnere

    schnere New Member

    Okay, for anyone who might stumble on a similar problem: The problem was caused by the certificate chain check by Let's Encrypt.
    My server could not reach the needed servers which was caused by a DNS issue:
    Code:
    dig @8.8.8.8 r10.o.lencr.org
    ;; communications error to 8.8.8.8#53: timed out
    ;; communications error to 8.8.8.8#53: timed out
    ;; communications error to 8.8.8.8#53: timed out
    The strange thing is that Google's DNS server works for all other domains but for the TLD lencr.org. And I have this problem only on a single server, the above command works on all other servers without problem.

    So the solution was to switch to Cloudflare's DNS servers. Now everything is working without any problem again.
     
    till likes this.
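
The check described in the last post, as an added example that is not part of the original thread: it queries one name and a control name against each resolver with a short timeout, so a resolver that fails only for that name stands out from one that is unreachable. The resolver list (8.8.8.8 from the post, 1.1.1.1 for Cloudflare), the control name `example.com` and all function names are assumptions.

```bash
#!/usr/bin/env bash
# Added example: tell a name-specific DNS failure apart from a dead resolver.
# Resolver IPs and the control name are assumptions; adjust to your setup.

# classify_dig_output TEXT -> prints TIMEOUT, EMPTY or OK
classify_dig_output() {
    local out="$1"
    case "$out" in
        *"timed out"*|*"no servers could be reached"*) echo TIMEOUT ;;
        "") echo EMPTY ;;   # reply received, but no records (+short prints nothing)
        *) echo OK ;;
    esac
}

# probe RESOLVER NAME -> classification of one query (2 s timeout, single try)
probe() {
    local out
    out=$(dig "@$1" "$2" +short +time=2 +tries=1 2>&1)
    classify_dig_output "$out"
}

# verdict TARGET_STATUS CONTROL_STATUS -> interpretation for one resolver
verdict() {
    if [ "$1" = OK ]; then echo "resolver-ok"
    elif [ "$2" = OK ]; then echo "name-specific-failure"
    else echo "resolver-unreachable"
    fi
}

# main TARGET [CONTROL] -> one result line per resolver (runs live queries)
main() {
    local target="$1" control="${2:-example.com}" r t c
    for r in 8.8.8.8 1.1.1.1; do
        t=$(probe "$r" "$target")
        c=$(probe "$r" "$control")
        printf '%-10s target=%-8s control=%-8s %s\n' \
            "$r" "$t" "$c" "$(verdict "$t" "$c")"
    done
}

# Only query the network when a target name is passed on the command line.
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Run it with the hostname from the post as the first argument; a `name-specific-failure` line for one resolver matches the behaviour described above.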
