Siteimprove remove support for insecure TLS ciphers - April 30th 2021
By Sean Needham
- Why are we making this change?
- How can you identify an issue related to this change?
- What operating systems and browser combinations are affected?
- Which TLS ciphers are being deprecated?
- What should I do if I see issues related to this change?
Why are we making this change?
To improve web security, Siteimprove will remove support for insecure Transport Layer Security (TLS) ciphers.
This is part of Siteimprove’s initiatives on enhancing the security of our platform and the security of our users accessing the platform, similar to how we have previously discontinued support for deprecated TLS protocols (see article: Discontinuing support for deprecated TLS encryption protocols).
Removing support for insecure TLS ciphers means that some older operating system and browser combinations, as listed later in this article, will no longer be supported. This may impact a small number of users.
You can see a list of supported browsers here: Siteimprove Intelligence Platform: Supported Browsers.
This change will result in added security for the Siteimprove platform and have the additional benefit of improved web security for users who update their Operating System(OS) and browser.
How can you identify an issue related to this change?
If you have any problems accessing the Siteimprove platform related to TLS it may be because of this change. Here are some examples of TLS related errors you may see:
- Secure connection failed
- Handshake error
- TLS error
What operating systems and browser combinations are affected?
The affected OS and Browser combinations are as follows:
- IE11 on Windows 7
- IE11 on Windows 8
- IE11 on Windows 8.1
- IE11 on Windows Phone 8.
- Safari 6 on iOS 6
- Safari 7 on iOS 7 and OSX 10.9
- Safari 8 on iOS 8 and OSX 10.10
Which TLS ciphers are being deprecated?
What should I do if I see issues related to this change?
If you are using an affected OS browser combination, we recommend you take one or both of the following actions:
- Change your browser to one that is not in the affected combinations.
- Update your operating system to one that is not in the affected combinations.
If you have any questions relating to this please contact Siteimprove technical support.