It's quite fun to see it get an 'F' rating at https://www.ssllabs.com/ssltest/analyze.html?d=www.dslchecker.bt.com
However, a pragmatic (short-term) solution might just be to drop the first 's` from the number checker's URL and use it over plain HTTP, since that works. Cheers, Gavin. On 6 April 2017 at 15:54, James Harrison <[email protected]> wrote: > On 06/04/17 15:46, Neil J. McRae wrote: > > So you are still seeing an issue on ? > > > > https://www.dslchecker.bt.com/ > > > > Which is the correct URL to use? > > > > On my iPhone it seems ok but safari on iPhone isn't the best browser > > for diag on this! > > > > Cheers > > Neil > > It's using a SHA-1 certificate hash, which many browsers now reject on > recently-issued certificates as the algorithm has been proven weak. > > https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html > > https://social.technet.microsoft.com/wiki/contents/articles/32288.windows- > enforcement-of-sha1-certificates.aspx#February_TwentySeventeen_Plan > > https://blog.mozilla.org/security/2015/10/20/ > continuing-to-phase-out-sha-1-certificates/ > > Jan 2017 was the cut-off date most agreed on for any certificates. It > needs a new cert in June anyway, so might as well get the upgrade over > and done with early! :-) > > Cheers, > James Harrison > >
