Weak cryptographic standards removed

Earlier today we permanently removed support for the following weak cryptographic standards on github.com and api.github.com: TLSv1/TLSv1.1: This applies to all HTTPS connections, including web, API, and Git connections to…

Author

Patrick Toomey

February 23, 2018

Earlier today we permanently removed support for the following weak cryptographic standards on github.com and api.github.com:

TLSv1/TLSv1.1: This applies to all HTTPS connections, including web, API, and Git connections to https://github.com and https://api.github.com.
diffie-hellman-group1-sha1: This applies to all SSH connections to github.com
diffie-hellman-group14-sha1: This applies to all SSH connections to github.com

This change was originally announced last year, with the final timeline for the removal posted three weeks ago. If you run into any issues or have any questions, please don’t hesitate to let us know.

Explore more from GitHub

Engineering

Posts straight from the GitHub engineering team.

Learn more

GitHub Universe 2023

Get free virtual tickets to the global developer event for AI, security, and DevEx.

Get free tickets

GitHub Copilot

Don't fly solo. Try 30 days for free.

Learn more

Work at GitHub!

Check out our current job openings.

Learn more

Weak cryptographic standards removed

Related posts

Security best practices for authors of GitHub Actions

GitHub Availability Report: October 2023

Introducing AI-powered application security testing with GitHub Advanced Security

Explore more from GitHub

Engineering

GitHub Universe 2023

GitHub Copilot

Work at GitHub!

Subscribe to The GitHub Insider