SSL issues
We can categorize all the SSL issues into two categories; handshake failures and poor performance.
The SSL handshake failures are due to one of the following reason(s):
Expired certificates: When the SSL server-side certificate is expired, you need to request the service provider to update the SSL certificate. It is a leading practice, if you are updating your SSL certificate don't use the old Certificate Signing Request (CSR) to request a new certificate. Always produce a CSR request with a new certificate key with the latest mandate on the key length. The present recommendations for SSL certificate key length is 2048.
Wrong site domain: The most common mistake for site domains that are made is using
mysitedomain.comversuswww.mysitedomain.comand vice versa in the URL address.Missing Certificate Authority (CA) in the trust store: Install the root and intermediate CA into the trust store of SSL client application. In a client-server authentication or two-way SSL implementations...
