I got A- rating when I put TLS_RSA_WITH_3DES_EDE_CBC_SHA in the top list? Is that correct? Shouldn´t that be C ?
Hi,if you look at the "Cipher Suites" section in your print-screen there is info: "server has no preferences", so order of your server cipher list is not important, because in your case browser selects cipher and because modern browser knows that 3DES is not the best cipher it tries to use something more secure.
If you want web server is in charge of selecting cipher, you need to explicitly set this setting. You haven't written what is your web server, but in Apache httpd this setting is set with the following directive:
Setting above setting and preferring 3DES in cipher suites and your server is going to get C grade because of using 3DES with modern protocols (TLSv1.1 or TLSv1.2). Details about this grading was discussed a week ago in the following topic: Questions about 3DES and rating
Thanks, Now I understand more about the orders.
Retrieving data ...