Can you help me find what's wrong?


#1

Please fill out the fields below so we can help you better.

SSL Tester results:
https://www.ssllabs.com/ssltest/analyze.html?d=dashboard.gr

I ran this command:
Trying to visit the website with Firefox 48x, Chrome 49x on OS X 10.6.8

It produced this output:

Your connection is not secure
The website tried to negotiate an inadequate level of security.

Website uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.
Error code: NS_ERROR_NET_INADEQUATE_SECURITY

My operating system is (include version):
Centos 7 + CloudLinux
My web server is (include version):
Apache / nginx
My hosting provider, if applicable, is:
My hosting provider said that my browsers are outdated, that’s why I am getting these errors. I should update my browsers.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Onyx


#2

What version of Firefox are you using? SSL Labs indicates that Firefox 47 is unable to negotiate a cipher suite with your server that’s usable with HTTP/2 (which blacklists some ciphers that your server otherwise supports). I can confirm that it works with Firefox 50, and SSL Labs says it works with Firefox 49 as well (I think TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 was added in that version).

I’d probably try to change the cipher suite configuration and see if you can add any that will make these older Firefox versions work with HTTP/2. Mozilla’s SSL Configuration Generator might help here. Alternatively, I suppose disabling HTTP/2 for now would be an option, if your openssl version doesn’t support any of the ciphers you’d need for full Firefox compatibility (though that’d surprise me).


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.