[Solved] SSL doesnt work until I refresh my website?

[robertk1997]

I've had websites in the past and this is my first time having one in many years. This is the first time I've encountered this issue. HTTPS loads fine on my personal computer, and works on other devices only after I refresh the website one time, then it starts to load as HTTPS. Otherwise it says its not secure. Any ideas why this is happening? Does this have something to do with my DNS?

 

My website is https://swflspas.com/

Edited February 11 by robertk1997

[Unknown025]

Loads securely for me. Are you having the problem on one specific device, or multiple devices? It's possible the page was cached, which is why it loads with HTTPS after being reloaded.

[robertk1997]

57 minutes ago, Unknown025 said:

Loads securely for me. Are you having the problem on one specific device, or multiple devices? It's possible the page was cached, which is why it loads with HTTPS after being reloaded.

I tried on multiple devices its very hit or miss.

Every time I scan the site with various security apps everything checks out. But I had my coworkers check on their phones and some it loaded some it didn't. Checked on work computer with different browsers and same results.

[Unknown025]

I'll escalate your thread so an administrator can look into it. Are you forcing a redirect to HTTPS using a .htaccess file, or some other method?

[robertk1997]

So I was using a wordpress plugin for SSL along with Heliohost's built in SSL feature through plesk. I thought maybe it was conflicting so I removed the plugin and just used the one with Plesk. I'm unsure honestly if it uses htaccess or not. I believe the wordpress one was but I disabled it

[Krydos]

Everything looks fine to me too. It was probably the Wordpress plugin. Now that it's disabled let us know if you continue having issues.

[robertk1997]

6 hours ago, Krydos said:

Everything looks fine to me too. It was probably the Wordpress plugin. Now that it's disabled let us know if you continue having issues.

It's been disabled and the issue persisted I meant . I opened a new browser just now, cleared the cache, and went to my website and this happened (see image attached). I know it's probably a skill issue on my end but  I enabled SSL like I do with other hosts in the past and I never had this issue. I really can't have this happening with a business website lol and I can't get emails to send either bc Gmail says my site isn't authenticated. Any ideas what to do here?

I just realized my emails haven't sent at all I was wondering why my leads wouldn't respond.

[wolstech]

These are two unrelated issues. The email issue is actually normal unless you request we set up SPF and DKIM for a domain. I've gone ahead and set that up for you and email from your domain should now deliver. We recommend sending a test email to https://www.mail-tester.com/ to make sure that everything is set up correctly. If you get less than a 10/10 score please post a link to the full report so we can help you fix any other issues that there may be.

I cannot reproduce the insecure connection issue. The domain works fine for me.

[Krydos]

SPF, DKIM, and DMARC have nothing to do with https. You can have SSL and not have SPF, DKIM, or DMARC, or you can have SPF, DKIM, and DMARC but not have SSL because they don't affect each other.

DKIM, SPF, and DMARC have been set up for the domain swflspas.com. We recommend sending a test email to https://www.mail-tester.com/ to make sure that everything is set up correctly. If you get less than a 10/10 score please post a link to the full report so we can help you fix any other issues that there may be.

SSL is still working for me. Here is IPv6:

root@control [~]# curl --verbose https://swflspas.com
*   Trying 2001:470:1:1ee::3004:443...
* Connected to swflspas.com (2001:470:1:1ee::3004) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Unknown (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384

Here is IPv4:

root@control [~]# curl -4 --verbose https://swflspas.com
*   Trying 65.19.154.94:443...
* Connected to swflspas.com (65.19.154.94) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Unknown (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Unknown (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384

Here is another SSL tester https://www.sslshopper.com/ssl-checker.html#hostname=swflspas.com

[Krydos]

Since your website uses an SSL certificate whose root was generated in March 2024, it's possible your phone OS hasn't been updated since then to include the new root certificate. Does SSL work if you run the latest updates?