• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the next Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

Question PFS Perfect Forward Secrecy with Plesk mailserver?

I see this is already happening.
Maybe i can whipe out the weak protocols with following command:
Code: 
/usr/local/psa/bin/server_pref -u -ssl-protocols "TLSv1.2"

Would this bring any disadvantages?
 
@daanse

A whole lot of "clients" could be excluded from access to specific services that are set to use TLSv1.2.

For instance, a whole bunch of mobile devices running Android would not be able to make the connections.

You can obtain a whole lot of information by simply running the SSLtest tool at: SSL Server Test (Powered by Qualys SSL Labs)

Just have a look at the part "Handshake Simulation", after running a test on some random (but existing) domain.

Regards.....
 
You must log in or register to reply here.

Similar threads

A
Question Update Let's Encrypt not working with mailserver SSL
Replies
0
Views
840
ahbirkner
A
Back
Top