Resolved Plesk not support Forward Secrecy

T

timscha

Guest
Hello!

Right now, I'm testing a brand new installation of Plesk on Debian 9.
I did a SSL check on ssllabs and got downgraded to B because Forward Secrecy is not supported.

What I did - for every domain:

- Using nginx
- Activate SSL using the SSLit extension
- activated HSTS and OCSP Stapling
- Using modern TLS versions and ciphers by Mozilla

Maybe someone has an idea how to fix this?

Thanks
 
I have A+ rating there for my domain and Plesk Obsidian and the same configs with Let'sEncrypt certificate. The difference only in OS - I have CentOS7 there.
What is the output of the following command:

$ curl -s -D- https://your.domain.tld | grep strict

?
 
Really interesting. I fixed it by re-running the mozilla sync. Now I got an A+ :)
 
You must log in or register to reply here.

Similar threads

Bitpalast
Issue Potential issue with OCSP stapling
Replies
17
Views
11K
mow
M
S
Issue BIND on Debian 13 / 18.0.74 problems with DNSSEC??
Replies
3
Views
376
scsa20
scsa20
B
Issue Unable to issue a Let's Encrypt certificate for domain with forwarding hosting type: nginx is not installed or is disabled on the Plesk server
Replies
1
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
F
Issue OCSP for Plesk-Panel does not work
Replies
5
Views
3K
Peter Debik
P
T
Resolved PayPal unable to reach server
Replies
4
Views
2K
trippy
T
Back
Top