I have checked some of our websites. They are currently rated A-. But in one month they are only classified with C.
Just what exactly is the reason?
More link below the Future grade point to this blog: https://blog.qualys.com/ssllabs/2017/01/18/ssl-labs-grading-changes-january-2017. This blog explains various grading changes that will be applicable.
Among the grading changes, "Penalty for using 3DES (64-bit ciphers) with TLS 1.1 or newer (C)" should be the cause for "C" grade in your case. Apart from details on the blog, you can also refer FAQ section on Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN to resolve the issue.
@Bhushan, I see announcing very pleasant feature, done with excellence. But in this case it may be little bit confusing test returns "Our grading will change in a month", but grading changes from https://blog.qualys.com/ssllabs/2017/01/18/ssl-labs-grading-changes-january-2017 are titled "January 2017 grading changes", so from article title I would expect changes would be applied in February (January + 1 month), but now is end of March and still "in a month". May I kindly suggest instead of "in a month" exact date is provided like "Our grading will change 30 April", to get exact date when change will be applied. Someone testing today and getting "in a month" may get false promise that there is STILL one month to the change, but change will most probably happen at some day without "in a month" warning change.
Yes, we will provide exact dates in any future grade change notification.https://community.qualys.com/thread/17144-are-there-more-grading-changes-incoming-linked-blog-is-confusing#comment-36606
Thank's for your help.
the problem was SSL3-DES-CBC3-SHA
Retrieving data ...