Closed sethcarlton closed 4 months ago
After looking into this further, the ssl protocol errors I'm seeing may be caused by the strictness of TLS 1.2 (2021) - I am only seeing the issue on certain public networks (like coffee shops). Still looking into it to determine what the root cause is.
Modifying the minimum protocol for the redirect may not actually be the best approach. If it's only redirecting maybe it is better to optimize for compatibility? Or maybe use the oldest version of TLS 1.2 (2018)
Yeah I think compatibility makes the most sense here.
Agreed. Closing this PR
Sets the TLS version to 1.2 (recommended) for the https redirect distribution. This matches the default for the base cdn distribution as well.
Previously was falling back to TLS 1.0 as the default