Chrome has been complaining “Your connection to website is encrypted with obsolete cryptography”. I made a change to my
SSLCipherSuite string located at
/etc/apache2/mods-available/ssl.conf to fix this.
Chrome would like you to be using anything with a higher hash than SHA1 and using GCM instead of CBC suites. For a simple fix, we can move the one Chrome currently prefers to the top of the list:
This will be fine until Chrome (and other browsers) support AES256-GCM-SHA384. If you don’t mind a longer string and would like to future-proof now, you can change your string to:
Make sure you have
SSLHonorCipherOrder set to on: