Textpattern CMS support forum

You are not logged in. Register | Login | Help

#31 2018-08-23 12:27:41

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,402

Re: Server migration - status, discussion

uli: more follow up, what do you get if you visit www.howsmyssl.com ?

Offline

#32 2018-08-23 22:26:36

uli
Moderator
From: Cologne
Registered: 2006-08-15
Posts: 4,168

Re: Server migration - status, discussion

gaekwad wrote #313578:

Something to try – reset Chrome SSL state

I’ve tried this but to no avail. I’ve also tried the about:config method for TLS.VER you’ve recommended later on. My values were all default, so I couldn’t improve a thing.

From this test here www.howsmyssl.com I got six times a green “good”. In case it tells you something, here’s the cipher suits my FF supports:

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA

The forum profile links I found didn’t work (forum links to the .com forum) came from a post where I handcoded links to spammer profiles in the moderation forum. There may be more such links with .com hardcoded in them in the forum archives, in case someone copied and pasted manually. But the forum script builds the User X wrote links to posts in a different manner (e.g. ./viewtopic.php?pid=313578#p313578), so there’s no tld involved, at least in recent times.

Is it feasible to clear your browser history for the Textpattern sites to check if that helps?

I’ve set up a whole new FF profile for that reason, and I get the same results here, too, SSL_ERROR_NO_CYPHER_OVERLAP on the first screen, and then SSL_ERROR_PROTOCOL_VERSION_ALERT on the second.

Pete, I appreciate all your tips and hints to get my browser back on the tracks. Thank you very much!!

(Have I forgotten to answer something? Sorry if so, it’s late here. Ah yes, my OS is Mountain Lion, 10.8.)


In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links

Offline

#33 2018-08-24 09:12:35

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,402

Re: Server migration - status, discussion

uli: please try now, I’ve changed the cipher suite at the server.

Offline

#34 2018-08-24 11:04:32

uli
Moderator
From: Cologne
Registered: 2006-08-15
Posts: 4,168

Re: Server migration - status, discussion

Yay, it’s back for me! Thank you, Pete!! :)


In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links

Offline

#35 2018-08-24 11:16:02

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,402

Re: Server migration - status, discussion

uli wrote #313613:

Yay, it’s back for me! Thank you, Pete!! :)

Great news! I may end up calling on you again as we fine-tune the settings. The selection of ciphers used has been increased, and should cover modern browsers. It’s a balancing act, but it’s a fun one!

Offline

#36 2018-08-24 11:30:51

uli
Moderator
From: Cologne
Registered: 2006-08-15
Posts: 4,168

Re: Server migration - status, discussion

gaekwad wrote #313614:

I may end up calling on you again as we fine-tune the settings.

Don’t hesitate, I’m glad to give anything back.


In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links

Offline

#37 2018-08-24 11:57:49

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 1,578
Website

Re: Server migration - status, discussion

gaekwad wrote #313614:

The selection of ciphers used has been increased, and should cover modern browsers.

Just out of curiosity, what is the before / after list?

Offline

#38 2018-08-24 13:06:03

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,402

Re: Server migration - status, discussion

phiw13 wrote #313616:

Just out of curiosity, what is the before / after list?

All the gory details here – before was the list from cipherli.st which with hindsight was too restrictive for older browsers.

Current situation outlined here if you’re curious. The cipher strength has gone from 100/100 to 90/100 with the change, but I’m happy with an A+ overall.

Offline

#39 2018-08-24 23:49:57

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 1,578
Website

Re: Server migration - status, discussion

gaekwad wrote #313620:

All the gory details here – before was the list from cipherli.st which with hindsight was too restrictive for older browsers.

Thanks !

Offline

#40 2018-08-25 10:20:36

jakob
Moderator
From: Germany
Registered: 2005-01-20
Posts: 3,249
Website

Re: Server migration - status, discussion

gaekwad wrote #313593:

This period of transition is taking some time because of legacy & custom code in a number of Textpattern sites. There’s a bunch of work to do to get things running on modern code, and keep the flagship sites up-to-date.

Is that something we could help with? I’ve no idea about the forum software, but if you need someone to, say, help rid textpattern.org of the many errors it’s showing, I could probably help out.

And … thanks for all the hard work and consolidation you and others have been doing in the background!


TXP Builders – finely-crafted code, design and txp

Offline

Board footer

Powered by FluxBB