Information about TLS 1.3 and 1.2


!!! UPDATE !!!

  • I enabled TLS 1.2 again because of many user requests. Apparently there are more people out there with “older” hardware than I thought.

Hey!

I decided to disable TLS 1.2 support and only allow TLS 1.3 on rootdo.com and every sub domain.

In case somebody wants to check the site and TLS with https://cryptcheck.fr (very popular site in the community)

You will see an error like this

Screenshot_20240525_155901.png

The reason is given by the maintainer of the site cryptcheck.fr as following:

Hello!
It’s currently not possible. I’m tied to OpenSSL 1.0.x to support old/deprecated ciphers like SSLv2 or RC4, but 1.2.x is required for TLSv1.3 which remove all deprecated world support with no way to reactivate it at build time. And there is no simple way to use 2 differents OpenSSL binding on the same ruby setup (OpenSSL support is built-in in Ruby core extension…).

Source: https://github.com/aeris/cryptcheck/issues/46#issuecomment-533865220

This was the last time I tested with the TLS 1.2 version enabled.
Screenshot_20240525_155542.png

rootdo.com

FOSS / Services / Self-Hosting / Linux / Privacy / Security / Open Source


By rootdo.com, 2024-05-25