> > I noticed a mate's shopping site over the weekend returning the following > in the connection info for the certificate: >
I just tested my own domain with its 6 month old certificate. I also got a series of frightening warnings: *This server supports SSL 2, which is obsolete and insecure. Grade set to F. This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C.Certificate uses a weak signature. When renewing, ensure you upgrade to SHA2.The server supports only older protocols, but not the current best TLS 1.2. Grade capped to C.This server accepts the RC4 cipher, which is weak. Grade capped to B.* The long and detailed list of test results are quite complicated. I'm not happy about getting an F for flunk grade, but I'm not sure what I can do about it, or if I'm even supposed to do anything. Comments ... anyone knowledgeable on these matters? *Greg K*
