Chrome states webmail is no longer secure due to TLS1.0

Chrome states webmail is no longer secure due to TLS1.0

Postby Jodrik » Thu Sep 03, 2015 9:24 am

I have attached a screen-shot which now makes Chrome state that TLS 1.0 sites are no longer secure. When is AMS moving to TLS 1.1 or above?
Attachments
AMS-Chrome-error.png
AMS-Chrome-error.png (29.53 KiB) Viewed 8334 times
Jodrik
 
Posts: 40
Joined: Wed Sep 19, 2007 8:39 am
Location: Netherlands

Re: Chrome states webmail is no longer secure due to TLS1.0

Postby HVGS » Thu Sep 03, 2015 10:53 pm

Hi,

There is an option in 3.2.6 to choose the TLS level.
1.0/1.1 or 1.2 can be selected.

It's under the general option then security tab.

I upped to 1.2 but found old iphones (running IOS7) cannot connect to any secure services as this is a global setting.

Regards,
Phil
HVGS
 
Posts: 33
Joined: Wed Jan 30, 2008 6:02 am

Re: Chrome states webmail is no longer secure due to TLS1.0

Postby Code Crafters » Fri Sep 04, 2015 8:52 am

HGVS is right that we've disabled SSL v2/3 support for listening services (SMTP, POP3, IMAP4, WebMail, Remote Admin) and have introduced a general setting to pick TLS v1.0, v1.1 or v1.2.

Picking a newer TLS version is more secure but also less compatible with older mail clients which is why we've up to now left TLS v1.0 as default.

If you feel that a TLS version setting per service would be useful then we can always keep a general setting default and introduce optional overrides for each service. Obviously mail clients using SMTP, POP3 and IMAP4 will only support the same versions for all 3 services but web browser based services (Webmail and Remote Admin) may benefit from being a different TLS version.
Code Crafters
 
Posts: 943
Joined: Mon Sep 10, 2007 2:35 pm

Re: Chrome states webmail is no longer secure due to TLS1.0

Postby Jodrik » Fri Sep 04, 2015 10:10 am

I found the setting but my problem was actually in the fact that I used an old cypher suite on requesting the certificate. I re-issued my certificate and that solved the problem.
Jodrik
 
Posts: 40
Joined: Wed Sep 19, 2007 8:39 am
Location: Netherlands

Re: Chrome states webmail is no longer secure due to TLS1.0

Postby Code Crafters » Sat Sep 05, 2015 9:23 pm

Thanks for the feedback. Glad you managed to solve the issue.
Code Crafters
 
Posts: 943
Joined: Mon Sep 10, 2007 2:35 pm


Return to General

Who is online

Users browsing this forum: No registered users and 30 guests

cron