Project

General

Profile

Actions

Defect #30255

closed

This site can’t provide a secure connection www.redmine.org uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Added by Anatolii Vorona over 5 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Category:
Website (redmine.org)
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

I'm using chrome with option --ssl-version-min=tls1.2
And can't access to https://www.redmine.org/
The vulnerabilities within SSL and early TLS are serious.
Please update your SSL/TLS configuration.

!Screenshot from 2018-12-20 09-32-46.png!
!Screenshot from 2018-12-20 09-32-20.png!

I recommend you to check result with this link https://www.ssllabs.com/ssltest/analyze.html?d=www.redmine.org


Files

Actions #2

Updated by Bernhard Rohloff over 5 years ago

The Qualys rating is really awful!
jp jp If we can help you in any kind of way don't feel afraid to ask. :-)

Actions #4

Updated by Franklin Yu about 5 years ago

There has been an issue #29202, but it was marked as duplicate of an internal issue.

Actions #6

Updated by Jan Niggemann (redmine.org team member) over 4 years ago

jp jp: We have 6 months before TLS 1.1 support is dropped. How can we assist you / what can we do to get the server updated?

Actions #7

Updated by Go MAEDA about 4 years ago

  • Status changed from New to Closed
  • Resolution set to Fixed

www.redmine.org now supports TLS 1.2.

$ curl --tlsv1.2 --head https://www.redmine.org/
HTTP/1.1 200 OK
Date: Fri, 10 Jan 2020 02:15:59 GMT
Server: Apache
X-UA-Compatible: IE=Edge,chrome=1
.
.
.
Actions

Also available in: Atom PDF