[Tracker-discuss] [issue603] update the SSL certificate

2018-11-12 Thread Franklin Yu
Franklin Yu added the comment: There are four grade-capping issues, all of which are about SSL/TLS configuration on server, instead of certificates. The title is misleading here. The TLS version is the easiest issue to fix. Note: when any browser visit the link of SSL Labs, SSL Labs will sca

[Tracker-discuss] [issue603] update the SSL certificate

2018-06-09 Thread Berker Peksag
Berker Peksag added the comment: > * The server supports only older protocols, but not the current best TLS 1.2. > Grade capped to C. There is an open issue for this item: issue 578 I'm not sure whether we should close that as a duplicate of this one. -- nosy: +berker.peksag ___

[Tracker-discuss] [issue603] update the SSL certificate

2018-05-31 Thread John Rouillard
John Rouillard added the comment: r.david.murray said: > I don't understand the 'cert expires' part, it was renewed in September of > 2015. You probably know this now but the cert may use an md5 signature which is not recommended for longer lived certs (e.g. post 2015).Sha1 is the preferred

[Tracker-discuss] [issue603] update the SSL certificate

2016-08-09 Thread R David Murray
R David Murray added the comment: Well, we can edit the apache server config too. In fact, I thought I'd done the diffie-hellman fix, but I guess I didn't. I don't understand the 'cert expires' part, it was renewed in September of 2015. Is there any reason we couldn't use letsencrypt for bugs

[Tracker-discuss] [issue603] update the SSL certificate

2016-08-06 Thread Nick Coghlan
Nick Coghlan added the comment: I'm not sure why the direct link isn't working, but if you click on the "46.4.197.70" heading it will take you through to the detailed report. "High"lights: * This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B. * Certificat

[Tracker-discuss] [issue603] update the SSL certificate

2016-08-03 Thread R David Murray
R David Murray added the comment: Grade: C. That is pretty uninformative. Did I miss something? -- nosy: +r.david.murray status: unread -> chatting ___ PSF Meta Tracker ___

[Tracker-discuss] [issue603] update the SSL certificate

2016-08-02 Thread Stéphane Wirtel
New submission from Stéphane Wirtel: See this report on https://bugs.python.org https://www.ssllabs.com/ssltest/analyze.html?d=bugs.python.org&s=2a01%3a4f8%3a131%3a2480%3a0%3a0%3a0%3a3&latest https://www.ssllabs.com/ssltest/analyze.html?d=bugs.python.org&s=46.4.197.70 Thank you, Stephane ---