Used SSL Labs’ SSL Server Test to analyze my site now that I have LetsEncrypt certificates installed. Got an A. The only things of note it mentioned were:
- My HSTS is too short. It considers less than 180 too short. The cert isn’t even valid for 180 days (90 for LetsEncrypt). My HSTS is actually only one day, and I will probably leave it on the short side until I’m sure things are safe.
- It is an SNI certificate, so it will not be supported by some old browsers. 94%+ is good enough for me when I still support HTTP.