• Engineering
  • Featured

    • Weak cryptographic standards removed

    Image of Patrick Toomey

    Patrick Toomey

    Earlier today we permanently removed support for the following weak cryptographic standards on github.com and api.github.com:

    • TLSv1/TLSv1.1: This applies to all HTTPS connections, including web, API, and Git connections to https://github.com and https://api.github.com.
    • diffie-hellman-group1-sha1: This applies to all SSH connections to github.com
    • diffie-hellman-group14-sha1: This applies to all SSH connections to github.com

    This change was originally announced last year, with the final timeline for the removal posted three weeks ago. If you run into any issues or have any questions, please don’t hesitate to let us know.

    Related posts

    Save your seat at GitHub Universe

    Celebrate a world connected by code at our annual product and community event, November 13-14 in San Francisco.

    Get tickets

    Experience GitHub Satellite 2019

    Our latest event spotlighted an interconnected software community. Watch the keynote, talks, and panels from your corner of the world.

    Watch now