I am trying to add ISRG’s new root CA certificate to our old platform, but the test site (https://valid-isrgrootx1.letsencrypt.org/) seems only allows ciphers with PFS as followings.
Since PFS has not been supported on that platform because of memory compatibility of applications, the handshake fails with “Client hello” before “Server Hello, Certificate” .
Although we will add ISRG Root X1 regardless of this request,
I’d appreciate it if you would relax cipher suites of https://valid-isrgrootx1.letsencrypt.org?
It would be enough for me to be allowed any of the following:(https://letsencrypt.org seems to support these)