I have to put off the rest of this investigation now, since the site actually seems to work for all clients. I have to assume, dangerously I realize, that the problem with the ssllabs.com assessment is actually a bug on their side. Despite the error, they are successfully connected to the server. The error occurs later in their scanning process. Various answers from other admins online lead me to believe that this error is rather generic and is produced whenever the ssllabs scan fails with an error that they haven’t fully defined.
For future reference, when I look into this again, here are my scattered bookmarks:
- Generate Mozilla Security Recommended Web Server Configuration Files
- tls - curl ‘SSL connect error’ - Super User
- libcurl - Error Codes
- Namecheap.com Knowledgebase • Installing a SSL certificate on Apache
- Namecheap.com Knowledgebase • Where do I find SSL CA Bundle? (SSL Installation, Installation, )
-
[Source address for whitelisting Qualys Community](https://community.qualys.com/thread/10559) -
[Known Issues (IPs for Whitelisting) Qualys Community](https://community.qualys.com/docs/DOC-4865) - Assessment failed: Unable to connect to the server · Issue #308 · ssllabs/ssllabs-scan
- /bin/bash based SSL/TLS tester: testssl.sh
- testssl-standard.jpg (935×1899)
- SSL Labs DROWN Test Implementation Details – Qualys Blog
