David, I first posed this question on the Vintage Apple Macintosh Enthusiasts group on FB. Jason Duerstock commented: "It's not trivial, but I believe you're looking for something like this: https://serverfault.com/questions/822453/proxy-server-accepting-tls-1-0-and- calling-tls-1-2-downstream Proxy server accepting TLS 1.0 and calling TLS 1.2 downstream" The documentation https://mitmproxy.readthedocs.io/en/v2.0.2/features/reverseproxy.html is easier to read. Seeing that we were quite happy using these sites without any encryption, the loss of end to end security seems inconsequential. The key words in Jason's comment were "It's not trivial..." Jim
-----Original Message----- From: vcf-midatlantic <vcf-midatlantic-bounces@lists.vcfed.org> On Behalf Of David Gesswein via vcf-midatlantic Sent: Monday, November 12, 2018 7:21 AM To: Jim Scheef via vcf-midatlantic <vcf-midatlantic@lists.vcfed.org> Cc: David Gesswein <djg@pdp8online.com> Subject: Re: [vcf-midatlantic] www locks out older browsers
I assume you could run a local proxy that converts. It breaks the end to end security though. Businesses use these proxys for monitoring.
On Mon, Nov 12, 2018 at 01:08:43AM -0500, Jim Scheef via vcf-midatlantic wrote:
Hello all,
After playing with an eMac running OS X 10.3 several months back, I let it sit for a few months. Now it can no longer open most common websites. So what changed while the machine was not even plugged in? After some investigation I realized that main-stream sites have changed their SSL to require TLS 1.2, mostly because it actually works. The result is that vintage browsers return an error similar to ???cannot establish secure connection???. Forcing SSL by refusing to connect on port 80, these sites have locked out many vintage machines.
So, what can be done? The obvious solution is to find a modern browser that runs on your vintage OS. This may require an OS upgrade (OS X 10.4 should run on the eMac) which allows running TenFourFox, which seems to include TLS 1.2.
The irony that in the name of security, the machine used to invent the web (NeXT) may no longer be able to display it.
Any thoughts?
Jim