Weak certificate and obsolete SSL/HTTPS settings on boinc.berkeley.edu, 2016

Message boards : Questions and problems : Weak certificate and obsolete SSL/HTTPS settings on boinc.berkeley.edu, 2016
Message board moderation

To post messages, you must log in.

AuthorMessage
Necroman

Send message
Joined: 29 Aug 10
Posts: 6
Czech Republic
Message 73448 - Posted: 19 Oct 2016, 18:03:43 UTC
Last modified: 19 Oct 2016, 18:05:22 UTC

Hi,

following the discussion that happened one year ago:

The website boinc.berkeley.edu still uses SHA1 domain certificate.
Certificates with SHA1 signatures are not considered secure since January 2016 and will be marked as untrusted in Chrome/Firefox/Opera starting January 2017, see this Mozilla Blogpost for details.

The TLS configuration is also obsolete and needs some tuning, especially removing support for old and insecure cipher suites is necessary.

Please make sure the web uses SHA2 domain certificate before end of this year, otherwise users won't be able to access your site.
Note you can get free trusted domain certificates from Let's Encrypt CA.

Thanks
ID: 73448 · Report as offensive

Message boards : Questions and problems : Weak certificate and obsolete SSL/HTTPS settings on boinc.berkeley.edu, 2016

Copyright © 2022 University of California. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.