[BlueOnyx:18542] Re: SSL Help please
Colin Jack
colin at mainline.co.uk
Mon Oct 19 02:45:37 -05 2015
Hi Michael,
>
>Yeah, two things here: TLS 1.0 really limits our options. The other
>problem is that SHA1 for certs or intermediates is starting to get the
>red flag. I'm not sure if browsers have already started to flag these as
>invalid, or if that is still planned for the close future. If it has not
>already happened, it'll happen soon.
>
>So my suggestion would be to get another SSL certificate. When you
>generate the cert request for it, clean out your /certs directory to
>start with a fresh private key for the SSL certificate (just in case).
>Once you get a new cert, you'll also get fresh intermediates. If they
>still hand you a SHA1 intermediate, then it's likely that the SSL vendor
>sucks. :p
>
This is Thawte who I would have thought ought to be up to speed … but I hear what you are saying.
Maybe move the website onto one of my later VPS?
Many thanks
Colin
More information about the Blueonyx
mailing list