cookiemonster / rijkslounge.nl

Alternative to Rijksconnect

Ciphers #40

Open cookiemonster opened 3 years ago

cookiemonster commented 3 years ago

Your web server supports one or more ciphers that have a phase out status, because they are known to be fragile and are at risk of becoming insufficiently secure.

Technical details:

| Web server IP address | Affected ciphers | Status |
|---|---|---|
| 185.199.109.153 | AES128-GCM-SHA256 | phase out |
| ... | AES256-SHA | phase out |
| ... | AES128-SHA | phase out |

Test explanation: We check if your web server supports secure ciphers (algorithm selections) only.

An algorithm selection consists of ciphers for four cryptographic functions: 1) key exchange, 2) certificate verification, 3) bulk encryption, and 4) hashing. A web server may support more than one algorithm selection.

Since TLS 1.3, the term 'cipher suite' only comprises ciphers used for bulk encryption and hashing. When using TLS 1.3 the ciphers for key exchange and certificate verification are negotiable and not part of the naming of the cipher suite. Because this makes the term 'cipher suite' ambiguous, NCSC-NL uses the term 'algorithm selection' to comprise all four cipher functions.

NCSC-NL uses the IANA naming convention for algorithm selections. Internet.nl uses the OpenSSL naming convention. Since TLS 1.3 OpenSSL follows the IANA naming convention. A translation between both can be found in the OpenSSL documentation.

See 'IT Security Guidelines for Transport Layer Security (TLS)' from NCSC-NL, guideline B2-1 to B2-4 and table 2, 4, 6 and 7 (in English).

Below you find 'Good', 'Sufficient' and 'Phase out' algorithm selections in the order prescribed by NCSC-NL, based on appendix C of the 'IT Security Guidelines for Transport Layer Security (TLS)'. Behind every algorithm selection is the minimum TLS version (e.g. [1.2]) that supports this algorithm selection and that is at least 'Phase out'.

Good:

- ECDHE-ECDSA-AES256-GCM-SHA384 (TLS_AES_256_GCM_SHA384 in 1.3) [1.2]
- ECDHE-ECDSA-CHACHA20-POLY1305 (TLS_CHACHA20_POLY1305_SHA256 in 1.3) [1.2]
- ECDHE-ECDSA-AES128-GCM-SHA256 (TLS_AES_128_GCM_SHA256 in 1.3) [1.2]
- ECDHE-RSA-AES256-GCM-SHA384 (TLS_AES_256_GCM_SHA384 in 1.3) [1.2]
- ECDHE-RSA-CHACHA20-POLY1305 (TLS_CHACHA20_POLY1305_SHA256 in 1.3) [1.2]
- ECDHE-RSA-AES128-GCM-SHA256 (TLS_AES_128_GCM_SHA256 in 1.3) [1.2]

Sufficient:

- ECDHE-ECDSA-AES256-SHA384 [1.2]
- ECDHE-ECDSA-AES256-SHA [1.0]
- ECDHE-ECDSA-AES128-SHA256 [1.2]
- ECDHE-ECDSA-AES128-SHA [1.0]
- ECDHE-RSA-AES256-SHA384 [1.2]
- ECDHE-RSA-AES256-SHA [1.0]
- ECDHE-RSA-AES128-SHA256 [1.2]
- ECDHE-RSA-AES128-SHA [1.0]
- DHE-RSA-AES256-GCM-SHA384 [1.2]
- DHE-RSA-CHACHA20-POLY1305 [1.2]
- DHE-RSA-AES128-GCM-SHA256 [1.2]
- DHE-RSA-AES256-SHA256 [1.2]
- DHE-RSA-AES256-SHA [1.0]
- DHE-RSA-AES128-SHA256 [1.2]
- DHE-RSA-AES128-SHA [1.0]

Phase out:

- ECDHE-ECDSA-DES-CBC3-SHA [1.0]
- ECDHE-RSA-DES-CBC3-SHA [1.0]
- DHE-RSA-DES-CBC3-SHA [1.0]
- AES256-GCM-SHA384 [1.2]
- AES128-GCM-SHA256 [1.2]
- AES256-SHA256 [1.2]
- AES256-SHA [1.0]
- AES128-SHA256 [1.2]
- AES128-SHA [1.0]
- DES-CBC3-SHA [1.0]
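
Added example, not part of the original issue and not Internet.nl's own code: Python that splits an OpenSSL cipher name (TLS 1.2 and older only) into the four functions described above and derives its status from rules read off the three lists in this issue. The function names and the 'not listed' label are assumptions of this example.

```python
import re

# OpenSSL naming for TLS 1.2 and older: [KX-AUTH-]BULK[-HASH]
_NAME = re.compile(
    r"^(?:(?P<kx>ECDHE|DHE)-(?P<auth>ECDSA|RSA)-)?"
    r"(?P<bulk>AES(?:128|256)(?:-GCM)?|CHACHA20-POLY1305|DES-CBC3)"
    r"(?:-(?P<hash>SHA(?:256|384)?))?$")

def parse(name):
    """Split an OpenSSL cipher name into key exchange, certificate, bulk, hash."""
    m = _NAME.match(name)
    if m is None:
        return None
    # A name without a key-exchange prefix means RSA key exchange and RSA certificate.
    return {"kx": m["kx"] or "RSA", "auth": m["auth"] or "RSA",
            "bulk": m["bulk"], "hash": m["hash"]}

def _hash_ok(p):
    """True when the hash suffix is one the listed selections pair with this bulk cipher."""
    allowed = {"CHACHA20-POLY1305": (None,),  # OpenSSL name carries no hash suffix
               "DES-CBC3": ("SHA",),
               "AES128-GCM": ("SHA256",), "AES256-GCM": ("SHA384",),
               "AES128": ("SHA", "SHA256"),
               # AES256 in CBC mode: SHA384 under ECDHE, SHA256 under DHE or RSA
               "AES256": ("SHA", "SHA384" if p["kx"] == "ECDHE" else "SHA256")}
    return p["hash"] in allowed[p["bulk"]]

def status(name):
    """Return 'good', 'sufficient', 'phase out' or 'not listed' (assumed label)."""
    p = parse(name)
    if p is None or not _hash_ok(p) or (p["kx"], p["auth"]) == ("DHE", "ECDSA"):
        return "not listed"
    if p["kx"] == "RSA" and p["bulk"] == "CHACHA20-POLY1305":
        return "not listed"
    # Every listed selection with RSA key exchange or 3DES is 'phase out'.
    if p["kx"] == "RSA" or p["bulk"] == "DES-CBC3":
        return "phase out"
    aead = p["bulk"].endswith("-GCM") or p["bulk"] == "CHACHA20-POLY1305"
    # 'Good' is ECDHE with an AEAD cipher; the rest of the list is 'sufficient'.
    return "good" if p["kx"] == "ECDHE" and aead else "sufficient"

def phase_out(offered):
    """Names from a server's offered cipher list that should be removed."""
    return [c for c in offered if status(c) == "phase out"]

# The three affected ciphers reported in the issue's technical details table
AFFECTED = ["AES128-GCM-SHA256", "AES256-SHA", "AES128-SHA"]
```
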