Hi Hanood,
Certify The Web just fetches and installs certificates for you, it doesn’t modify other configuration and as such doesn’t affect the normal operation of your websites.
As general advice I would:
- Ensure you are running the latest supported versions of everything (Windows, PHP, databases you connect to and your web application).
- Investigate how PHP is integrated into IIS (fastcgi etc), this is an old article but may still be useful: https://docs.microsoft.com/en-us/iis/application-frameworks/running-php-applications-on-iis/best-practices-for-php-on-the-microsoft-web-platform
- Limit the use of malware/anti-virus packages to ensure the ones you have are not competing with each other.
- Check there is plenty of disk space and there are no disk read/write errors occurring, this is relevant for any form of attached storage.
- Check your php app is genuinely using the app pool you think it is, it may be your restarting a different app pool.
- Investigate restricting TLS connections to the latest supported cipher suites: https://www.nartac.com/Products/IISCrypto/ as running an insecure variant may have side effects when being attacked by crawlers/robots/scripts.
- Examine the code of your PHP site to see if any pages then make https requests back to the site itself. https://martinsblog.dk/windows-iis-with-php-curl-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate/
Keep in mind that IIS itself is used by millions of sites with https, many of which use php. It may have bugs but they are not likely to be ones you will encounter regularly on a patched and updated system unless they are caused by custom code.