Thanks to readers Tom W and James K for reporting a browser warning for this site, which was using TLSv1.1, which is now deprecated.
This cropped up because companies like Apple have updated their web browsers to issue a warning for TLSv1.1. That’s confusing to users and not important for this site, but that’s how it is.
As of this morning, I’ve hardened the site to use TLSv1.2 with TLSv1.3 optional. Wasn’t planning on it here at 11800' elevation in the White Mountains my van... such a lovely morning lost but it was worth doing.
Also, supported cipher suites have been hardened to only the following:
Very old web browsers might no longer be able to access this site as a result. There is no way to fix that (in general) without degrading site security and getting a 'B' rating. While a few cipher suites could be added and still get an 'A', those suites are ranked as 'weak', and I have chosen to exclude them for now.