Bug 31190 - bugzilla server is vulnerable to critical HTTPS protocol attacks
Summary: bugzilla server is vulnerable to critical HTTPS protocol attacks
Status: CLOSED FIXED
Alias: None
Product: Infrastructure
Classification: Infrastructure
Component: bugzilla.altlinux.org
Version: unspecified
Hardware: all Linux
Importance: P3 blocker
Assignee: Andrey Cherepanov
QA Contact: Andrey Cherepanov
URL: https://www.ssllabs.com/ssltest/analy...
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-06 01:44 MSK by Konstantin A Lepikhov (L.A. Kostis)
Modified: 2015-08-31 14:03 MSK
CC List: 3 users

See Also:


Attachments

Description Konstantin A Lepikhov (L.A. Kostis) 2015-08-06 01:44:07 MSK
I'll just leave this here:

This server supports insecure Diffie-Hellman (DH) key exchange parameters (Logjam). Grade set to F.   MORE INFO »
This server supports 512-bit export suites and might be vulnerable to the FREAK attack. Grade set to F.   MORE INFO »
This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C.   MORE INFO »
Certificate uses a weak signature. When renewing, ensure you upgrade to SHA2.  MORE INFO »
The server supports only older protocols, but not the current best TLS 1.2. Grade capped to C.  MORE INFO »
The server private key is not strong enough. Grade capped to B.
This server accepts the RC4 cipher, which is weak. Grade capped to B.  MORE INFO »
The server does not support Forward Secrecy with the reference browsers.  MORE INFO »
This server's certificate chain is incomplete. Grade capped to B.

It is strongly recommended to read MORE INFO and finally update the HTTPS settings.
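A hardened HTTPS configuration covering each finding above, as an added example that is not from the bug report or the bugzilla.altlinux.org setup; it assumes the server is Apache httpd 2.4.8+ with mod_ssl and mod_headers on OpenSSL 1.0.2+ (the report does not name the web server), and every file path is a placeholder.

```apache
# Added example, not the site's real configuration. Assumes Apache httpd 2.4.8+
# with mod_ssl and mod_headers on OpenSSL 1.0.2+; all paths are placeholders.

## BEFORE: the kind of mod_ssl setup that produces the F/C/B findings above
<VirtualHost *:443>
    SSLEngine on
    SSLProtocol all                       # still offers SSLv3 -> POODLE; TLS 1.2 absent on old OpenSSL
    SSLCipherSuite ALL:!aNULL             # includes EXPORT (FREAK) and RC4 suites, no preference order
    # built-in 512/1024-bit DH group -> Logjam; no ECDHE first -> no forward secrecy
    SSLCertificateFile    /etc/pki/tls/certs/bugzilla.crt      # SHA-1 signed, 1024-bit RSA key
    SSLCertificateKeyFile /etc/pki/tls/private/bugzilla.key
    # no SSLCertificateChainFile -> "certificate chain is incomplete"
</VirtualHost>

## AFTER: each directive is tied to one finding in the report
<VirtualHost *:443>
    SSLEngine on
    # POODLE / "only older protocols": drop SSLv3, keep TLS 1.0-1.2 (TLS 1.2 needs OpenSSL >= 1.0.1)
    SSLProtocol all -SSLv3
    # RC4, FREAK, forward secrecy: ECDHE/DHE AEAD suites first, export/RC4/DES/MD5 suites excluded
    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:!aNULL:!eNULL:!EXPORT:!RC4:!DES:!3DES:!MD5
    SSLHonorCipherOrder on
    # Logjam: serve a 2048-bit DH group generated with `openssl dhparam -out /etc/pki/tls/dhparam.pem 2048`
    SSLOpenSSLConfCmd DHParameters /etc/pki/tls/dhparam.pem
    # "Weak signature" / "private key is not strong enough": reissue with a 2048-bit RSA key, SHA-256 signature
    SSLCertificateFile      /etc/pki/tls/certs/bugzilla-sha256.crt
    SSLCertificateKeyFile   /etc/pki/tls/private/bugzilla-2048.key
    # "Chain is incomplete": ship the intermediate CA certificate(s) with the leaf
    SSLCertificateChainFile /etc/pki/tls/certs/intermediate-ca.crt
    # HSTS: only once HTTPS is known to work for every hostname the header will apply to
    Header always set Strict-Transport-Security "max-age=31536000"
</VirtualHost>
```

After reloading, re-run the SSL Labs test from the bug's URL field: the Logjam, FREAK, POODLE, RC4 and forward-secrecy items should disappear, while the certificate items only clear once the reissued certificate and chain are deployed.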
Comment 1 Dmitry V. Levin 2015-08-31 13:51:18 MSK
The bugzilla server is vulnerable to just about everything.

Moved https:// into a separate container, just to be safe.
Comment 2 Michael Shigorin 2015-08-31 14:03:04 MSK
"Caching" the current result from the link (since the test is not quick):

Overall Rating: T
If trust issues are ignored: B

This server's certificate is not trusted, see below for details.
This server's certificate chain is incomplete. Grade capped to B.
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.
This server supports HTTP Strict Transport Security with long duration.