Greetings, As of March 1st, 2020 SSLLabs is now capping the score of any host with TLS v1.1 enabled to a "B" grade, and based on their information (https://blog.qualys.com/ssllabs/2018/11/19/grade-change-for-tls-1-0-and-tls-1-1-protocols) no browsers would really be affected so I went ahead and just turned it off.
We now only support TLS v1.2 and have also disabled most weaker encryption types, in particular, we are using these settings: https://ssl-config.mozilla.org/#server=apache&version=2.4.25&config=intermediate&openssl=1.1.0d&hsts=false&ocsp=false&guideline=5.4 After these changes, we have an A grade (applies to all hosted domains): https://www.ssllabs.com/ssltest/analyze.html?d=hcoop.net&s=68.183.54.165&latest -- <captain_krunk> ntk is currently using "telnet fyodor 25" to send email
signature.asc
Description: PGP signature
_______________________________________________ HCoop-Discuss mailing list [email protected] https://lists.hcoop.net/listinfo/hcoop-discuss
