Improvements in HTTPS

Print
Details
Most of you know that web addresses beginning with "https" use secure connections. The original protocol name for those secure connections was Secure Sockets Layer (SSL). Over the years, that has evolved into Transport Layer Security (TLS). Many people still call it SSL even though all versions of SSL are obsolete.

TLS and SSL represent a family of protocols, and each protocol has several variations. When your web browser contacts a server using TLS, the browser sends a list of protocols and variations that it supports. The server picks the best combination that it also supports. All of that happens in an instant, and the web browser and the server begin their secure conversation.

We have recently made a few enhancements related to TLS for all AcceptIO-hosted web sites, including AcceptIO.com. If you control or influence the operation of any other web sites, we encourage you to do the same things.
Over the years, many protocol versions and variations have become obsolete, either  because they had technical problems or because of discoveries of weaknesses in encryption algorithms. We have changed the AcceptIO web server configuration so that it no longer supports those obsolete versions. (For the technically inclined, that means the server will not support protocols older than TLS 1.2, we don't support low-security algorithms, and we specifically disallow some encryption families that have known weaknesses.)
All connections to all AcceptIO-hosted web sites is now secure. If you connect using an "http" web address, the server will automatically redirect you to the equivalent "https" web address. This is part of a world-wide movement to secure all web connections on the Internet. 
We have switched to using security certificates from the non-profit Let's Encrypt project. Those certificates are trusted by recent versions of all popular web browsers. We took the opportunity to use a matching certificate for all AcceptIO-hosted web sites. Previously, all of those sites used the AcceptIO.com certificate, which meant that web browsers gave warnings about mis-matched server names. You should not see any certificate warnings in your browser now.