Support » Plugin: Yoast SEO » PREMIUM DOES NOT SUPPORT SSL V3

  • Error from WP Query Monitor:

    stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure stream_socket_client(): Failed to enable crypto stream_socket_client(): unable to connect to ssl://my.yoast.com:443 (Unknown error)

    THIS IS WHAT THE YOAST CUSTOMER SERVICE SENT ME:

    Yoast SEO uses cURL to verify the plugin subscription. For the communication to be successful, your webhost must meet our premium plugin requirements. The errors above indicates that your server may be running SSL v3. We require that your server does not use SSL v3. Please contact your webhost for assistance with your server setup.

    WHAT THE HELL??? THEY ASKS US TO DOWNGRADE FROM SSL V3!!! WE PAID FOR OUR SSL CERTIFICATE AND WERE USING THE LATEST VERSION AND THIS REPLY IS WHAT WE GET??? WHY DONT YOU UPGRADE YOUR PLUGIN ONCE IN A WHILE TO WORK WITH CURRENTLY EXISTING TECHNOLOGY???

Viewing 1 replies (of 1 total)
  • Plugin Support martijnvaneeghem

    (@martijnvaneeghem)

    Hi @waheedos,

    I can understand your frustration with this situation. It certainly is a confusing issue. In the meantime, we have already sent you a more extensive follow-up reply via email, but please allow me to briefly explain the situation here as well, and why we are not asking you to downgrade.

    Explanation
    There is a difference between a site accepting SSL/TLS connections and PHP initiating an SSL/TLS connection. So, let’s distinguish between different SSL/TLS:

    1. The connection from a visitor to your website is made between the visitor’s computer and your webserver. This uses the SSL certificates that you need to have your website on HTTPS instead of HTTP.
    2. The connection from your website to MyYoast is made between our portal and the cURL/PHP on your website. This is something different.

    SSL 3.0 is a really, really old version of the SSL/TLS protocols mentioned in point 2 above. It was published in 1996 and was deprecated in 2015. It was followed by TLS 1.0 (1999), TLS 1.1 (2006), TLS 1.2 (2008), and currently TLS 1.3 (2018).

    We support everything from version TLS 1.2 (2008) and above. We should have been more clear in our initial email to you, as that would hopefully have avoided any frustration on your end.

    We look forward to hearing from you and making sure your issue is fully resolved!

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this review.