HTTPS

From Rixort Wiki
Jump to navigation Jump to search

Ways to improve HTTPS connections

  • DNS CAA records - these restrict which certificate authorities are valid for the domain.
  • Support TLSv1.3
  • Do not support SSLv3 or lower
  • Disable support for TLS 1.0 and TLS 1.1, but beware of incompatible clients