0-RTT disabled, but server still accepts early data

What is the name of the domain?

What is the error number?

Server: Early Data accepted

What is the issue you’re encountering

0-RTT disabled, but server still accepts early data.

What steps have you taken to resolve the issue?

I have installed sslyze from GitHub and perfomed the following command;
‘python -m sslyze --early_data midubrand.com’ and it returns;

  • TLS 1.3 Early Data: Suppported - Server accepted early data

In Cloudflare I’ve changed the 0-RTT option to disabled (Speed > Optimization > Protocol Optimization > 0-RTT Connection Resumption)

The server still accepts early data requests.

Screenshot of the error

Just fyi my website is linked to Shopify’s webserver.
They told me there is nothing enabled on their side.

This topic was automatically closed after 15 days. New replies are no longer allowed.