Problem with letsencrypt. page does not open with new browsers


#1

Hello after an update of letsencrypt I got this error message with firefox, chrome and opera and the site was working with safari and internet explorer older version:

ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY

I was reading about this problem and was trying to fix it with some advise, but it was not working. So I was reinstalling the server with Ubuntu.

  1. installed easyengine, the stack and letsencrypt wget -qO ee rt.cx/ee && sudo bash ee sudo ee stack install sudo apt-get install letsencrypt

  2. created the webpage and run letsencyrpt

Nginx configuration wp wpredis (enabled) PHP Version 7.0 HHVM disabled SSL enabled SSL PROVIDER Lets Encrypt SSL EXPIRY DATE Tue Sep 11 18:33:39 UTC 2018

listen 443 ssl http2; ssl on; ssl_certificate /etc/letsencrypt/live/kochenausliebe.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/kochenausliebe.com/privkey.pem;

restarted the server and I do still get the same error.

so I run a test to check the ssl:

https://www.ssllabs.com/ssltest/analyze.html?d=kochenausliebe.com

with this result. some older browser were doing ok, but all newer version were blacklisted:

Chrome 49 / XP SP3 Server negotiated HTTP/2 with blacklisted suite RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_RSA_WITH_AES_128_CBC_SHA Chrome 65 / Win 7 R Server negotiated HTTP/2 with blacklisted suite RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_RSA_WITH_AES_256_GCM_SHA384 Firefox 31.3.0 ESR / Win 7 RSA 2048 (SHA256) TLS 1.2 TLS_RSA_WITH_AES_128_CBC_SHA No FS Firefox 47 / Win 7 R Server negotiated HTTP/2 with blacklisted suite RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_RSA_WITH_AES_128_CBC_SHA Firefox 49 / XP SP3 Server negotiated HTTP/2 with blacklisted suite RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_RSA_WITH_AES_128_CBC_SHA Firefox 59 / Win 7 R Server negotiated HTTP/2 with blacklisted suite RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_RSA_WITH_AES_128_CBC_SHA

I was installing before several webpages with easyengine and it was always without any problem, but now not even the basic page with ssl certificate is working.

Please help me to fix this problem


#2

Come on, man… This issue has been discussed several times.

Please, use the Search on top of the page and you’ll find all the answers and workarounds people kindly suggested.


#3

https://community.easyengine.io/search?q=ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY


#4