Last post Jul 18, 2018 01:08 PM by Brando ZWZ
Jul 17, 2018 07:42 AM|6hartanto|LINK
This is my first project with ASP.NET MVC. I get a security warning on my website that I woke up with ASP.NET MVC, the warning is:
Connection - obsolete connection settings
The connection to this site uses TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_256_CBC with HMAC-SHA1 (an obsolete cipher).
The website uses shared hosting. Can I resolve the warning without contact the hosting provider? If so, how can I fix it?
Jul 17, 2018 08:48 AM|mudassarkhan|LINK
can you share which code is throwing this error?
Jul 18, 2018 01:08 PM|Brando ZWZ|LINK
As far as I know, if you used chrome browser it may show this warning.
Chrome considers "modern" cipher suite as ECDHE with GCM, which isn't supported before IIS 10, which we aren't on.
I suggest you could use IISCrypto tool to help you to configure the server to eliminate obsolete SSL/TLS properties
More details, you could refer to below article: