Safari and Lets Encrypt


Have just started to use Lets Encrypt but cannot open the websites in Safari on Windows (have not checked Safari on MAC).

Get the error:

Can’t establish a secure connection to the server

The site is:

I am not sure if this is a certificate issue or a server config issue. I am using apache 2.4.6 and a Joomla 3.6.5 website forcing SSL connection.

Many thanks for any help.

I made quick test and the problem is with your selected SSLCipherSuite, plus probably some other SSL settings. You will need to dig into httpd.conf and ssl.conf and see what you have there.

Thank you for that, I found the following in the httpd.conf:

SSLProtocol -SSLv2

And I changed to:

SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

I get this error in the apache error log:

RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

RSA certificate configured for does NOT include an ID which matches the server name

Actually SSLProtocol should be:

SSLProtocol -ALL +TLSv1 +TLSv1.1 +TLSv1.2

Browsers are still using TLSv1 and TLSv1.1 (especially mobile versions) so you should keep them enabled.

Not sure what did you change but last time i check your website the only problem was with SSLCipherSuite and based on the test results this was the only thing you needed to modify.