26 Mar 2020 16:46 by Alexander John (CML)
Length: 1 minute, 7 seconds (223 words)
We have removed support for TLS 1.0 and TLS 1.1 from our servers with immediate effect (16:00, 26th March 2020). This has been done to enhance the security of our services and is accordance with best practices as outlined in IETF RFC 7525. TLS 1.0 and 1.1 have known security issues and there are no fixes or patches available.
If you are using a certificate based on either of these protocols, you must update them with a TLS 1.2+ certificate immediately. If you are, or wish to be, PCI-DSS compliant, you should adopt TLS 1.2+.
Most mainstream web browsers will cease support for TLS 1.0 and TLS 1.2 in the first half of 2020. Approximate deadlines are:
- Microsoft IE & Edge - first half of 2020
- Mozilla Firefox - March 2020
- Safari/WebKit - March 2020
- Google Chrome - January 2020
Most web browsers will issue a security warning if you attempt to connect to a website using either TLS 1.0 or TLS 1.1. To ensure you receive the best possible protection, we advise you to upgrade your web browser to the latest version. Most web browsers will do this automatically.
Let's Encrypt / SSLForFree Certificates
All free certificates generated through our hosting control panel since the beginning of March have been TLS 1.2+.