I am getting the messages
This site can’t provide a secure connection http://www.gprejects.com
uses an unsupported protocol.
when accessing the site using Google Chrome under Windows XP.
Trying IE on the same machine just refuses any connection.
Are you using Windows XP SP2 or lower? Our SSL certificates use SHA-2 cryptography, but XP SP2 and lower only supports SHA-1, which is no longer considered secure and has been deprecated at a hugely accelerated rate in the past few years. If you care about that sort of thing, the reasons for it being so insecure are quite interesting, but I'll assume you don't care and get to the point.
We have an A+ rating for SSL security from Qualys. This is because of the restriction on accepted ciphers with our SSL/TLS connections (hence ERR_SSL_VERSION_OR_CIPHER_MISMATCH
). Windows XP SP3 supports our SSL authentication. Earlier versions only accept SHA-1, which Microsoft officially does not support in any way shape or form.
Modifying those restrictions already in place to accommodate systems which do not support SHA-2 weakens security for everyone else. StatCounter
numbers from Dec 2016 show only 2.24% of web visitors still use XP, and while I don't have stats for percentages for SP versions, it is widely accepted the vast majority of these XP systems are on SP3. Therefore I have no plans to modify settings at our end to accommodate these machines, especially as their use will be on a permanent downward trajectory.
In terms of fixing it at your end, I would recommend not touching XP with a 10 foot pole. It hasn't been supported in some time, and is a bit like securing your house with nothing but a Yale lock that has been stuck in the latch position for 3 years. Failing that (upgrading an entire OS is a pain), get the system upgraded to SP3 just to get the site to work. If it's a work computer, tell your IT department they should all be fired for being the most incompetent monkeymen on earth. I know the feeling - my dayjob still has machines running XP, despite working in a data-critical industry. For them it's just cheapness - they still have CRT monitors in active use. It's an embarrassment.
Of course, everything I've written is redundant if you're running SP3. Then I'm clueless as to what is wrong.