AnsweredAssumed Answered

HSTS check misbehaving with certain ECDHE ciphers absent?

Question asked by NWTR on May 13, 2015
Latest reply on May 14, 2015 by NWTR

when I run SSL Server test against us with TLS1.0 and TLS1.2 enabled plus ECDHE ciphers 0xc012, 0xc030, 0xc02f, 0xc028, 0xc014 I receive full scoring but because of the 3DES_EDE cipher I realize just 112 bits for the Android versions and HSTS checks are passed *successfully*, overall resulting in A+. Removing 3DES_EDE (0xc012) from the supported ciphers brings back 128/256 bit results, but HSTS is no longer passing, resulting in just an A. Why that?

Outcomes