mirror of
https://github.com/certbot/certbot.git
synced 2026-06-07 07:42:08 -04:00
e3dbd9ce4a
As discussed at https://github.com/mozilla/server-side-tls/issues/263, Mozilla's current intermediate recommendations drop support for some non-EOL'd versions of IE. [Their TLS recommendations were updated to suggest a couple possible workarounds for people who need this support](https://github.com/mozilla/server-side-tls/pull/264) and [April suggested that we make this change in Certbot](https://github.com/mozilla/server-side-tls/issues/263#issuecomment-537085728). We know `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA` translates to `ECDHE-RSA-AES128-SHA` because [nginx uses the same cipher format as OpenSSL](https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers) and the translation is shown in the table at https://github.com/mozilla/server-side-tls/blob/gh-pages/Cipher_Suites.mediawiki. The risk of regressions making this change is low as we always had this ciphersuite enabled just a few releases ago: https://github.com/certbot/certbot/tree/v0.36.0/certbot-nginx/certbot_nginx * Keep compatibility with IE11 * update changelog |
||
|---|---|---|
| .. | ||
| certbot_nginx | ||
| docs | ||
| tests | ||
| LICENSE.txt | ||
| local-oldest-requirements.txt | ||
| MANIFEST.in | ||
| README.rst | ||
| readthedocs.org.requirements.txt | ||
| setup.cfg | ||
| setup.py | ||
Nginx plugin for Certbot