OpenSSL & Cert7 min read

TLS 1.0, 1.1, 1.2, and 1.3: Differences and Why Versions Matter

Understand the differences between TLS 1.0, 1.1, 1.2, and 1.3. Learn why older versions are deprecated, what security improvements TLS 1.3 brings, and how to check what your server supports.

What is TLS?

TLS (Transport Layer Security) is the cryptographic protocol that secures communication over the internet. When you see HTTPS in your browser, TLS is providing the encryption and authentication. TLS is the successor to SSL — the term "SSL certificate" is still commonly used but modern certificates use TLS.

TLS Version History

VersionReleasedStatusNotes
SSL 2.01995❌ DeprecatedNever use — multiple critical flaws
SSL 3.01996❌ DeprecatedPOODLE attack (2014)
TLS 1.01999❌ DeprecatedBEAST, POODLE attacks; disabled by PCI DSS
TLS 1.12006❌ DeprecatedDeprecated by browsers in 2020
TLS 1.22008✅ SupportedCurrent minimum standard
TLS 1.32018✅ RecommendedFastest and most secure

TLS 1.2 vs TLS 1.3

TLS 1.2TLS 1.3
Handshake round trips2 RTT1 RTT (0-RTT resumption)
Cipher suitesMany (including weak ones)Only strong suites
Forward secrecyOptionalMandatory
RSA key exchangeSupportedRemoved
PerformanceGoodBetter (~30% faster handshake)
SecurityGoodExcellent

Check TLS Support with OpenSSL

# Check TLS 1.3 support
openssl s_client -connect example.com:443 -tls1_3 < /dev/null

# Check TLS 1.2 support
openssl s_client -connect example.com:443 -tls1_2 < /dev/null

# Show full handshake info
echo | openssl s_client -connect example.com:443 2>&1 | grep "Protocol"

Configure Nginx for TLS 1.2 and 1.3

server {
  listen 443 ssl;
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers off;
}

✓ Recommendation: Support TLS 1.2 and TLS 1.3, disable TLS 1.0 and 1.1. This balances security with broad compatibility. PCI DSS 3.2+ requires disabling TLS 1.0 for cardholder data environments.

TRY THE FREE TOOL

OpenSSL Command Builder

Build OpenSSL commands visually without memorizing syntax

Open Tool →
← Back to all articles