Tried 2 more times with this config we are now at 3/3 hits.
Seems reproducible enough?
Difference in ssllabs output:
HTTP Strict Transport Security (HSTS) with long duration deployed on this server.
Which is green but downgrades the protocol result by 5%
Anyway, this is one of the changes that we will disable when hunting for the critical config.
The section the 100% starts to show up is labelled "Testing renegotiation" which would match expectations as the fix was about SSL renegotiation.
I'm now dropping config differences one by one ...
Tried 2 more times with this config we are now at 3/3 hits.
Seems reproducible enough?
Difference in ssllabs output:
HTTP Strict Transport Security (HSTS) with long duration deployed on this server.
Which is green but downgrades the protocol result by 5%
Anyway, this is one of the changes that we will disable when hunting for the critical config.
The section the 100% starts to show up is labelled "Testing renegotiation" which would match expectations as the fix was about SSL renegotiation.
I'm now dropping config differences one by one ...