What is Transport Layer Security (TLS)?

In general, TLS secures communication on computer networks. See the Wikipedia Transport Layer Security page for more information about TLS, and its predecessor SSL.

What TLS/SSL versions should I use?

No versions of SSL are considered secure. Older TLS versions are known to have various weaknesses and many sites are working to remove them.

Suggested TLS versions
TLS/SSL version Status
TLS 1.3 Good to use.
TLS 1.2 Good to use.
TLS 1.1 Not suggested.
TLS 1.0 Do not use.
SSL 3.0 Do not use.
SSL 2.0 Do not use.

 

What information sources are available?

Qualys (SSL Labs) - SSL/TLS Capabilities of Your Browser
https://www.ssllabs.com/ssltest/viewMyClient.html

Qualys (SSL Labs) - SSL Server Test
https://www.ssllabs.com/ssltest/index.html

Wikipedia - Transport Layer Security
https://en.wikipedia.org/wiki/Transport_Layer_Security

Comodo - Deprecation of TLS 1.0
https://www.comodo.com/e-commerce/ssl-certificates/tls-1-deprecation.php

NIST - Guidelines for the Selection, Configuration, and Use of TLS Implementations
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf

PCI - Date Change for Migrating from SSL and Early TLS
https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls

Microsoft - The End of Support for Older TLS Versions in Office 365
https://blogs.technet.microsoft.com/cloudyhappypeople/2017/12/22/the-end-of-support-for-older-tls-versions-in-office-365/

Red Hat - Securing Application ‘X’ with SSL/TLS in RHEL ‘Y’
https://access.redhat.com/articles/1462183

Article number: 
114351
Last updated: 
December 30, 2018