Been selling SSL certificates for a while and the most common support question is some variation of "I got an F on SSL Labs, what do I do now?"
SSL Labs is great but it tells you is wrong, not to fix it. And if you're behind Cloudflare it'll flag TLS 1.0/1.1 as your problem when it's actually the CDN edge keeping it for backward compatible.
So I built this: you drop a domain, it runs our server-side checks via OpenSSL (not browser JS), detects if there's a CDN in front, and for every issue it gives you the exact directive to fix it — Nginx, Apache, IIS, HAProxy and more.
Example: instead of "TLS 1.0 detected", you get:
server { ... }
ssl_protocols TLSv1.2 TLSv1.3;
...for your specific server software.
I Would love feedback, especially if you hit a false positive on the CDN detection or the fixes are wrong for your stack.
AndreiSSL•1h ago
SSL Labs is great but it tells you is wrong, not to fix it. And if you're behind Cloudflare it'll flag TLS 1.0/1.1 as your problem when it's actually the CDN edge keeping it for backward compatible.
So I built this: you drop a domain, it runs our server-side checks via OpenSSL (not browser JS), detects if there's a CDN in front, and for every issue it gives you the exact directive to fix it — Nginx, Apache, IIS, HAProxy and more.
Example: instead of "TLS 1.0 detected", you get:
...for your specific server software.I Would love feedback, especially if you hit a false positive on the CDN detection or the fixes are wrong for your stack.