|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #70762 TLS configuration of is bad
Submitted: 2015-10-21 18:54 UTC Modified: 2018-10-24 21:22 UTC
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: zeev dot tarantov at gmail dot com Assigned: petk (profile)
Status: Closed Package: Systems problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: zeev dot tarantov at gmail dot com
New email:
PHP Version: OS:


 [2015-10-21 18:54 UTC] zeev dot tarantov at gmail dot com
------------ is served by Apache/2.2.16 (Debian) on
It only supports TLS 1.0, uses a common 1024bit DH group, supports RC4, does not support ECDHE or GCM and it has a SHA1 certificate. has good TLs configuration, so you can do better.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-01-19 20:38 UTC]
-Package: Website problem +Package: Systems problem
 [2017-01-19 20:38 UTC]
Moving to the systems package.
 [2017-12-05 20:34 UTC] royanee at gmail dot com
TLS 1.2 is going to be the only supported version on some systems in the near future. One of my browsers already refuses to let me access, so this isn't just insecure, it's actively preventing users from accessing the site.
 [2018-10-24 21:22 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: petk
 [2018-10-24 21:22 UTC]
Hello, thank you for reporting. At the time of this writing the SSL certificate for now supports the TLS 1.2 and reaches A grade on the SSL Server Test site. If you experience further issues, report please.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Fri Dec 08 08:01:27 2023 UTC