AnsweredAssumed Answered

Why does a server with TLS1.0 enabled get an A score?

Question asked by Andrew Hale on Sep 5, 2017
Latest reply on Sep 13, 2017 by Rob Moss

We are in the process of disabling TLS1.0 and 1.1 on our servers.  We fixed an external site, scanned, and were happy to get an A score.  Our developers needed to test a webservice that resides on the site with a client that only supports TLS1.0, so we reverted the change, allowed TLS1.0 connections... and got an A score when we re-ran the scan.  PCI gives a fails allowing a TLS1.0 connection.  Why does the server still show an A?  (We cleared the cache when we re-ran the scan). 

Outcomes