Hardenize Compatibility Issue With Let's Encrypt Certs Using tlsserver

grapheneos.social

Hardenize Compatibility Issue With Let's Encrypt Certs Using tlsserver

grapheneos.social

KindnessInfinity@lemmy.mlM to

GrapheneOS [Unofficial]@lemmy.mlEnglish · 5 days ago

GrapheneOS (@GrapheneOS@grapheneos.social)

grapheneos.social

We deployed `tlsserver` for our services to prepare for `shortlived`: https://grapheneos.social/@GrapheneOS/114452845473608945 We didn't deploy it for SMTP because too many mail servers likely still lack SNI support. For SUPL, we did a hybrid deployment until we're ready to drop 4th/5th gen Pixel support.

We noticed Hardenize (https://www.hardenize.com/) isn’t compatible with Let’s Encrypt certificates using the recently launched tlsserver profile. See https://letsencrypt.org/docs/profiles/ for details, it mainly drops non-SNI client support. Maybe we have a contact who can get it fixed quickly.

We deployed tlsserver for our services to prepare for shortlived:

https://grapheneos.social/@GrapheneOS/114452845473608945

We didn’t deploy it for SMTP because too many mail servers likely still lack SNI support. For SUPL, we did a hybrid deployment until we’re ready to drop 4th/5th gen Pixel support.

You must log in or register to comment.

Chat

GrapheneOS [Unofficial]@lemmy.ml

grapheneos@lemmy.ml

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !grapheneos@lemmy.ml

Community locked: only moderators can create posts. You can still comment on posts.

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

Links