Cloud security with SSL

Hi All,

I had the occasion to test out my Xojo Cloud site with an SSL checker …

Its message to me was that the site passed muster OK except for the following issue:-

This site accepts connections with a weak cipher suite! Cipher suites with an encryption lower than 128 bit are not safe and should not be accepted. Normally modern browsers don?t use weak ciphers by default, but on this site hackers could force a lower encryption session.

This was not a Fail, but a Caution.

Is this my issue (i.e. related to my RapidSSL cert) or Xojo’s issue (i.e. related to how Xojo Cloud operates) ?

Any thoughts or observations would be appreciated.

Tony Barry

The latter. When doing SSL termination the ciphers are selected in the configuration.

Thank you kindly, Phillip.

Much appreciated.

Tony Barry