TLS Version Checker
Check which TLS protocol versions your server supports and identify deprecated configurations.
What This Tool Checks
Comprehensive TLS protocol version analysis for your server.
TLS 1.0 & 1.1 Detection
Identifies deprecated TLS versions that are vulnerable to attacks like BEAST and POODLE.
TLS 1.2 Verification
Confirms support for TLS 1.2, the minimum version recommended by security standards.
TLS 1.3 Support
Checks for TLS 1.3 which offers faster handshakes and stronger encryption by default.
Cipher Suite Info
Shows the negotiated cipher suite for each supported TLS version.
How It Works
Three steps to check your TLS configuration.
Enter a Hostname
Type or paste a domain name. The tool connects to port 443 and tests each TLS version individually.
Test Each Version
Separate TLS connections are attempted for versions 1.0, 1.1, 1.2, and 1.3 to determine exactly which are enabled.
Review Results
See which versions are supported, identify deprecated protocols, and follow recommendations to improve security.
Frequently Asked Questions
Common questions about TLS versions and configuration.
What is TLS and why do versions matter?
TLS (Transport Layer Security) encrypts communication between browsers and servers. Older versions like TLS 1.0 and 1.1 have known vulnerabilities and were officially deprecated in 2020 by RFC 8996. Using modern versions ensures your connections are protected against known attacks.
Why should I disable TLS 1.0 and 1.1?
TLS 1.0 and 1.1 are vulnerable to attacks like BEAST, POODLE, and CRIME. All major browsers have dropped support for these versions. PCI DSS compliance requires TLS 1.2 or higher. Keeping deprecated versions enabled increases your attack surface without benefiting legitimate users.
What are the benefits of TLS 1.3?
TLS 1.3 offers a faster handshake (1-RTT vs 2-RTT), removes insecure cipher suites entirely, supports 0-RTT resumption for repeat visitors, and provides forward secrecy by default. It is both more secure and more performant than TLS 1.2.
How do I update my server's TLS configuration?
In Nginx, set ssl_protocols to 'TLSv1.2 TLSv1.3'. In Apache, use SSLProtocol -all +TLSv1.2 +TLSv1.3. For cloud services like Cloudflare or AWS, TLS version settings are available in the dashboard. Always test after changes to ensure nothing breaks.
Related Tools
More tools to check your server's security configuration.