searched a lot but did not figure out the reason. I had a https webserver running on my local mac-mini with no noticeable issue months ago, using certbot. But now the same https-web was blocked by Chrome (not secure) and was warned 'weak encryption' by Firefox. (check demo: https://wklytics.com)
The webserver is python twisted, with hostname purchased from no-ip.com (who told me issue is not on their side..). Checked and searched twisted python script, it is using default openssl (not sure this will be the issue or not). Hope some experts could help.
------- standard questions -------------------------
My domain is:
I ran this command:
certbot: started a year ago with no issue,
'certbot certonly --webroot -w xxpath -d wklytics.com'
'certbot renew': shows the current cert is still good
Webserver, python twisted webserver (python 2.7), keycode:
sslContext = ssl.DefaultOpenSSLContextFactory( self.config['https']['ssl_key'], # Private Key from certbot self.config['https']['ssl_cert'] # Certificate from certbot ) https_factory = Site(https_root) reactor.listenSSL(self.config['https']['port'],https_factory, sslContext); reactor.run()
It produced this output:
It showed 'weak encryption connection is not secure' in Firefox and blocked in Chrome (i.e. https://wklytics.com). Strangely, this issue was not there when it was started.
My web server is (include version):
python 2.7.14, twisted 19:10.0
The operating system my web server runs on is (include version):
mac-mini: macOS 10.10.5
My hosting provider, if applicable, is:
Hosting on my local mac (I purchase domain name from no-ip.com)
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
bash (python script to run web server)
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):