Production site gives TLS 1.0 handshake failure

[ulidtko]

Hi,

https://www.stackage.org/ was working alright yesterday, but looks like this today:

Per wireshark, the server sends a TLS 1.0 Handshake Failure in place of Server Hello:

Just making sure if this is known and being looked at?

[ulidtko]

SSLyze report:

 CHECKING CONNECTIVITY TO SERVER(S)
 ----------------------------------

   stackage.org:443          => ERROR: TLS probing failed: could not find a TLS version and cipher suite supported by the server; discarding scan.

 SCANS COMPLETED IN 1.436188 S
 -----------------------------

 COMPLIANCE AGAINST MOZILLA TLS CONFIGURATION
 --------------------------------------------

    Checking results against Mozilla's "intermediate" configuration. See https://ssl-config.mozilla.org/ for more details.

    stackage.org:443: ERROR - Scan did not run successfully; review the scan logs above.

[ulidtko]

Ping @mihaimaruseac @andreasabel @snoyberg :point_up:

I couldn't get into Haskell Foundation Slack linked from README.

[ulidtko]

Now TLS is good, but gives a redirect loop... Good to see someone's working on it :pray:

HTTP/2 308 
date: Thu, 21 Dec 2023 10:07:07 GMT
content-type: text/html
location: https://www.stackage.org
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1My8yjyFtFBOjrBgagWtPWG62V%2BH0KvLijdX8t24ktQeq%2F5UQVCC%2BZYE19%2BnA5%2Bx6zxc1ZV6cfLcL%2BzJEJwrpUn38jZhYerfYz8lAzStx%2F1%2BP5id90zXNEtAmJ%2FNeUPNiGLg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 838f50f3ff8418bf-FRA
alt-svc: h3=":443"; ma=86400

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>

[snoyberg]

We're in the process of moving DNS into a Cloudflare account, there may be instability over the next few hours. However, it seems to be working at the moment in my testing.