I came across an unusual issue while trying to share a URL to fetch a Twitter Card.
The domain already had a comodo SSL Certificate. And it was working fine. A quick check of the SSL certificate on Qualys SSL Labs, showed that the domain’s SSL certificate had a really low rating.
There were many issues that had to be incorporated to increase the certificate’s rating from
Following are the changes I made to my server’s certificate settings:
Turn off SSLv2 and SSLv3:
SSLProtocol all -SSLv3 -SSLv2
Modify Cipher suites:
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
The above changes need to be made in the
However, these changes might slow down your website and pose issues for Googlebot during indexing and Pagespeed insights as
curl might fail to get the contents of your website.
Please refer thh Mozilla wiki docs for other changes that need to be updated with regarding SSL security.