Certificate warning about obsolete cipher suite?

Discussion in 'Installation/Configuration' started by Ovidiu, Nov 15, 2015.

  1. Ovidiu

    Ovidiu Active Member

    Running Debian Jessie + ISPCFG3 (perfect server howto)

    I followed this tutorial https://www.howtoforge.com/securing...h-a-free-class1-ssl-certificate-from-startssl to add a HTTPS certificate to my ISPCFG3 panel and for pure-ftp. postifx, dovecote, etc.

    After doing this, my browser now says:
    Is this something I need to worry about and how can I "fix" this?
     
  2. Ovidiu

    Ovidiu Active Member

    Apart from above problem, I tried accessing my emails i.e. via POP3 and found it is warning me about
    tested via:
    Code:
    openssl s_client -connect alfred.ict-consult.co.za:995
    the chain looks like this so where is there a self signed one? I only used what StartTLS provided me !? I am confused now :-(
    Code:
    Certificate chain
    0 s:/C=DE/CN=alfred.ict-consult.co.za/[email protected]
       i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
    1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
       i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
    2 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
       i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
     
  3. Ovidiu

    Ovidiu Active Member

    Can someone share their nginx and sshd cipher configuration?
     
  4. Ovidiu

    Ovidiu Active Member

Share This Page