We have many users reporting issues on multiple days beginning in mid of July 2024. They seem to get a ERR_SSL_PROTOCOL_ERROR in the browser(Safari and Chrome) which remains for around 5-10 minutes and then they can continue to view the website on a refresh/reload of page. For certain users the website seems to take a long time to load and in certain cases it timed out.
We have our DNS zone hosted externally and a wildcard custom SSL certificate for our domain issued by GoDaddy. Whereas, the apps are hosted in Netlify with apex domain having A record and www(primary domain) having a CNAME to high performance edge network of Netlify.
The below action items were tried based on suggestions:
- Delete the auto created DNS records and the DNS zone in Netlify as we are already using external DNS.
- Point the Apex domain to high performance edge network (IPv4 address provided by Netlify support).
- Flushed the DNS at google public DNS cache.
But unfortunately, after performing these activities we continue facing this issue intermittently.
Observations:
For the systems that are facing this issue intermittently, we see that the SSL certificate fetched with the command
openssl s_client -connect www.{domain}.com:443 and openssl s_client -connect {domain}.com:443 is returning a Lets Encypt certificate which is provided by Digicert instead of the custom GoDaddy SSL certificate that we make use of.
We did not find any AAAA mapping for our Apex domain, whereas the same is observed for the primary domain i.e www.
Looking forward for any pointers/ suggestions.
Regards,