What http response header do I use to say "I support https, redirect to https if you do too" without breaking clients that only do http?
-
-
No the fallback must be explicit (edit config file). It just has to work, and will keep working, unlike crypto schemes disappearing from TLS
-
Certs actually contain a chain to ancient CAs? Or can I make configure my server to send back such chains?
-
Assuming one exists for your immediate cert-issuing CA, I'm pretty sure you can configure your server to send the whole chain.
-
That's cool. I should learn more about TLS details like that.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.