Website not accessible by Mac OS X 10 and Safari 5

H-Lo · July 17, 2023, 1:20pm

My domain is:
thevegcat(dot)com (avoiding preview)

I ran this command:
Try to open website in Safari 5 in Mac OS X 10

It produced this output:
Safari can't open the page "https://thevegcat.com/" because Safari can't establish a secure connection to the server "thevegcat.com"

My web server is (include version):
nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 22.04.2 LTS

My hosting provider, if applicable, is:
Hetzner

I can login to a root shell on my machine (yes or no, or I don't know):
YES

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Hetzner console to power up and down my server and SSH client for the rest

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.6.0

The website is accessible from Windows and phones.

Thanks!!!

Osiris · July 17, 2023, 1:31pm

Which Safari versions are we talking about? All? Or specific versions? On specific OS versions?

Also, SSLLabs doesn't show any issue with the Safari versions they test:

https://www.ssllabs.com/ssltest/analyze.html?d=thevegcat.com&hideResults=on

MikeMcQ · July 17, 2023, 1:45pm

If wiki is right Safari 5 is well beyond support. Can you update it?

Interestingly, SSL Labs starts testing with Safari 6

H-Lo · July 17, 2023, 4:00pm

Hi,

It's not about updating.
I took this Mac from a friend to see how my web performs with older machines.
Which means if someone has Safari 5 on Mac Book Pro with OS X - that person cannot use my website.
Specific versions won't help here because it was more about what do I have to do to make my nginx and SSL usable with old browsers than to make this specific machine and its browser to be able to use my website.

Thanks to all for your replies! <3

H-Lo · July 17, 2023, 4:03pm

I guess they put Safari 5 in the same box with IE 5

MikeMcQ · July 17, 2023, 4:23pm

This isn't really a Let's Encrypt issue. Probably related to the TLS version support by that older system.

If I look at SSL Labs for Facebook it shows Safari 5 needing TLS 1.0, for example.

Osiris · July 17, 2023, 4:41pm

However, I wouldn't advise to enable TLS 1.0 though. Lots of sites have already disabled TLS 1.0 and 1.1. See e.g. SSL Labs Grade Change for TLS 1.0 and TLS 1.1 Protocols | Qualys Security Blog and related references.

webprofusion · July 18, 2023, 2:14am

It's also worth pointing out that if someone is using Safari 5, they probably cannot access millions of websites, so it's not just yours.

As an aside, I have a mid 2009 macbook pro and it can access all modern websites, you can install the dosdude1 patcher to get a more modern OS on it. Maintaining backwards compatibility conflicts with the priority of having robust security, and you only get to pick one.

H-Lo · July 18, 2023, 8:59am

Hi all!
Yesterday I invested some time to explore this pretty old MacBook and yes, I can agree it's not worth making adjustments for such and old machines. The machine is totally outdated, none of applications could be updated, Firefox is stuck on version 6 and so on.
Thank you all again, I'll stick with my nginx config without changes in order to have secure data transfer which is more important than supporting Eniac

system · August 17, 2023, 9:00am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.