July 1st, TLS migration
-
I am sure this is not new to the group but it is to me. TLS and SSL older 1.0 and 1.1 versions will not be supported after july first and can cause connectivity issues for users that have not updated their browsers in forever. I have searched ML for anything on the subject. Is this something I need to put a lot of worry into?
-
Found this: So I am off to the races. https://support.microsoft.com/en-us/help/299520/how-to-determine-the-cipher-suite-for-the-server-and-client
-
Wow, found this website. https://www.ssllabs.com/ssltest/analyze.html?d=vdesk.tempopartners.com
Ran test and here are results. -
SSLlabs is good. I recommend selecting "Do not show the results on the boards" on each run, otherwise your result can get displayed there for the world to see, which can be pretty bad if bad guys are watching and you've only started your security project.
-
@tahin said in July 1st, TLS migration:
SSLlabs is good. I recommend selecting "Do not show the results on the boards" on each run, otherwise your result can get displayed there for the world to see, which can be pretty bad if bad guys are watching and you've only started your security project.
Thank you sooooo much!! Any help is awesome help. Thank you.
-
This whole TLS clown fiesta was brought to my attention by one of our ISPs that is hosting one of our websites. I just ran the SSLLabs test against the domain that they host for us and the results came back showing that TLS 1.0 and 1.1 are not supported and it had fewer warnings. This is a great info. We are now working on disabling those cypher suites. I call this whole thing a win.
