Chrome states webmail is no longer secure due to TLS1.0

[Jodrik]

I have attached a screen-shot which now makes Chrome state that TLS 1.0 sites are no longer secure. When is AMS moving to TLS 1.1 or above?

[HVGS]

Hi,

There is an option in 3.2.6 to choose the TLS level.
1.0/1.1 or 1.2 can be selected.

It's under the general option then security tab.

I upped to 1.2 but found old iphones (running IOS7) cannot connect to any secure services as this is a global setting.

Regards,
Phil

[Code Crafters]

HGVS is right that we've disabled SSL v2/3 support for listening services (SMTP, POP3, IMAP4, WebMail, Remote Admin) and have introduced a general setting to pick TLS v1.0, v1.1 or v1.2.

Picking a newer TLS version is more secure but also less compatible with older mail clients which is why we've up to now left TLS v1.0 as default.

If you feel that a TLS version setting per service would be useful then we can always keep a general setting default and introduce optional overrides for each service. Obviously mail clients using SMTP, POP3 and IMAP4 will only support the same versions for all 3 services but web browser based services (Webmail and Remote Admin) may benefit from being a different TLS version.

[Jodrik]

I found the setting but my problem was actually in the fact that I used an old cypher suite on requesting the certificate. I re-issued my certificate and that solved the problem.

[Code Crafters]

Thanks for the feedback. Glad you managed to solve the issue.