Deprecated TLS Redirect

Hello,
Is there a way to capture these tls messages and redirect them to a warning page?

tls: client offered an unsupported, maximum protocol version of 300
tls: client offered an unsupported, maximum protocol version of 301

I still have users connecting with IE 9, which can be configured to use TLS 1.2 & higher, but right now they just get this attached screen warning message. I want to let them know to update their browser.

Thank you!

You’d first have to allow/enable those older protocol versions, since if the TLS version is unsupported and Caddy fails the handshake, you can’t issue any HTTP responses with which to redirect them.

Then just use template actions or placeholders to detect the TLS version and issue a redirect or show a message on your page:

Easy peasy :)

Appreciate the info. I have checked the documentation, but I’m not sure I understand how it all works. Do you have an example? I searched this forum and stack overflow, but I am coming up with very little. Thank you.

Regarding enabling the older TLS versions, check out the documentation of the tls directive:

https://caddyserver.com/docs/tls

You want the protocols subdirective. The list of protocols you can specify is also on that page:

https://caddyserver.com/docs/tls#protocols

In the Placeholders documentation is the {proto} placeholder, which you’ll check in your template action.

I don’t think there are any template actions that specifically issue a redirect, but you can just include a bit of JS in a <script> tag to take care of it, if you like.

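The approach from the replies (accept the older handshake, then check the negotiated TLS version and show a message), as an added example that is not part of the original thread and is not Caddy configuration: it uses Go's standard library directly. The names `legacyTLSWarning`, `versionName` and `newServer`, the port, and the certificate file names are assumptions.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
)

// versionName labels the legacy versions the wrapper can encounter.
func versionName(v uint16) string {
	switch v {
	case tls.VersionTLS10:
		return "TLS 1.0"
	case tls.VersionTLS11:
		return "TLS 1.1"
	}
	return fmt.Sprintf("0x%04x", v)
}

// legacyTLSWarning answers connections below TLS 1.2 with a notice, so they never reach next.
func legacyTLSWarning(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.TLS != nil && r.TLS.Version < tls.VersionTLS12 {
			w.Header().Set("Content-Type", "text/plain; charset=utf-8")
			w.Header().Set("Cache-Control", "no-store")
			w.WriteHeader(http.StatusForbidden)
			fmt.Fprintf(w, "Connected with %s. Enable TLS 1.2 or update your browser.\n", versionName(r.TLS.Version))
			return
		}
		next.ServeHTTP(w, r)
	})
}

// newServer accepts TLS 1.0 (0x0301) and up: the handshake has to succeed
// before any HTTP response can be sent, so old versions are filtered in the
// handler instead of being rejected at the TLS layer.
func newServer(addr string, app http.Handler) *http.Server {
	return &http.Server{
		Addr:      addr,
		Handler:   legacyTLSWarning(app),
		TLSConfig: &tls.Config{MinVersion: tls.VersionTLS10},
	}
}

func main() {
	app := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprintln(w, "application content") })
	// cert.pem and key.pem are placeholder file names (assumption).
	fmt.Println(newServer(":8443", app).ListenAndServeTLS("cert.pem", "key.pem"))
}
```

Lowering the minimum version weakens the listener for every client, so the wrapper should sit in front of all routes and the setting should be reverted once the old browsers are gone.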