We can categorize all the SSL issues into two categories; handshake failures and poor performance.
The SSL handshake failures are due to one of the following reason(s):
- Expired certificates: When the SSL server-side certificate is expired, you need to request the service provider to update the SSL certificate. It is a leading practice, if you are updating your SSL certificate don't use the old Certificate Signing Request (CSR) to request a new certificate. Always produce a CSR request with a new certificate key with the latest mandate on the key length. The present recommendations for SSL certificate key length is 2048.
- Wrong site domain: The most common mistake for site domains that are made is using