SSL Errors on iOS
My website https://bitmagi.com is failing to load for iOS users at a pretty high rate. Most people are getting the "..could not establish a secure connection..." error. I bought a cheapo positivessl cert from namecheap not sure if that is the issue. I had a support chat with namecheap last night and they said everything is configured correctly on my end. When I test my site through ssllabs.com it shows that iOS is passing:
https://www.ssllabs.com/ssltest/analyze.html?d=bitmagi.com&s=45.79.3.6
I can't figure out what the heck is going on.
debian stretch 9.13 nginx 1.10.3
Solution 1:
I fixed this based off the suggested link from @MichaelHampton: https://ssl-config.mozilla.org/
The specific lines that fixed it were:
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;