GitLab Pages offering only TLSv1.3
It seems GitLab Pages is only offering TLSv1.3, according to testssl.sh.
I found this when trying to have feed validators examine https://tpo.pages.torproject.net/web/blog/feed.xml
, because my TT-RSS client was unable to add it and I wasn't able to figure out why.
The W3C validator worked but rssboard.com failed with message Server returned [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:727)
and tt-rss.org also failed to retrieve the feed.
# testssl -p https://tpo.pages.torproject.net/web/blog/feed.xml
###########################################################
testssl 3.0.4 from https://testssl.sh/
This program is free software. Distribution and
modification under GPLv2 permitted.
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Please file bugs @ https://testssl.sh/bugs/
###########################################################
Using "OpenSSL 1.1.1k 25 Mar 2021" [~81 ciphers]
on jadid:/usr/bin/openssl
(built: "Aug 24 08:28:12 2021", platform: "debian-amd64")
Start 2021-10-26 11:00:20 -->> 116.202.120.180:443 (tpo.pages.torproject.net) <<--
Further IP addresses: 2a01:4f8:fff0:4f:266:37ff:feb8:3489
rDNS (116.202.120.180): gitlab-02.torproject.org.
Service detected: HTTP
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 not offered
TLS 1.1 not offered
TLS 1.2 not offered
TLS 1.3 offered (OK): final
NPN/SPDY not offered
ALPN/HTTP2 h2, http/1.1 (offered)
Done 2021-10-26 11:00:31 [ 13s] -->> 116.202.120.180:443 (tpo.pages.torproject.net) <<--