Google Chrome “Your connection to website is encrypted with obsolete cipher suite”


#1

I just installed my LetsEncrypt cert and all browsers are green, but Chrome warns me when viewing the cert info that the cipher suite is obsolete.

The connection uses TLS 1.2, server is CentOS 7.

Encrypted with

Used the first script here https://www.virtualmin.com/node/39175 to generate the cert.


#2

Hello @giorgio79,

The warning is not because of the Let’s Encrypt certificate but because of the SSL cipher suite your web server is offering to the browser.

I don’t know which web server you are using, but on this page https://mozilla.github.io/server-side-tls/ssl-config-generator/ you will find example confs for different web servers (in your case, pay attention to the cipher directives):

In Apache:

SSLCipherSuite here_the_cipher_list
SSLHonorCipherOrder on

In nginx:

ssl_ciphers 'here_the_cipher_list';
ssl_prefer_server_ciphers on;

You should choose the cipher list that suits your needs (modern, intermediate or old). Check this page to see the difference between them: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility

Good luck,
sahsanu
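
To check a candidate value for `here_the_cipher_list` before putting it in the Apache or nginx directive, this added example (not part of sahsanu's post or of the Mozilla generator) expands the string with the local OpenSSL through Python's `ssl` module and flags suites that lack an ephemeral key exchange or an AEAD cipher. That rule for "obsolete", the function names and the sample cipher string are assumptions made for illustration.

```python
import ssl

# Assumed rule (not stated in the thread): a TLS 1.2 suite counts as current
# only if it has an ephemeral key exchange (forward secrecy) and an AEAD cipher.
AEAD_MARKERS = ("GCM", "CHACHA20", "CCM")


def is_modern(name):
    """Classify one OpenSSL-style suite name, e.g. 'ECDHE-RSA-AES128-GCM-SHA256'."""
    ephemeral = name.startswith(("ECDHE-", "DHE-"))
    aead = any(marker in name for marker in AEAD_MARKERS)
    return ephemeral and aead


def audit(cipher_list):
    """Expand a cipher string as the local OpenSSL would and split the result.

    Raises ssl.SSLError when the string selects no suite at all (a typo, or
    every named suite is disabled in the local OpenSSL build).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_list)
    report = {"modern": [], "obsolete": []}
    for suite in ctx.get_ciphers():
        name = suite["name"]
        if name.startswith("TLS_"):
            # TLS 1.3 suites are not controlled by this cipher string; skip them.
            continue
        report["modern" if is_modern(name) else "obsolete"].append(name)
    return report


if __name__ == "__main__":
    # Constructed sample value: not a recommendation and not from the thread.
    sample = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES128-SHA"
    result = audit(sample)
    for name in result["modern"]:
        print("ok       ", name)
    for name in result["obsolete"]:
        print("obsolete ", name)
```

The expansion reflects the OpenSSL build that Python is linked against, so run it on the server whose configuration is being changed.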