Skip to content
🛠️ToolsShed

SSL/TLS Reference

SSL/TLS versions and cipher suites reference with security status.

SSL 2.0

1995Broken

Broken — multiple critical vulnerabilities. RFC 6176 prohibits use.

SSL 3.0

1996Broken

Broken — POODLE attack. RFC 7568 prohibits use.

TLS 1.0

1999Deprecated

Deprecated — BEAST attack. PCI DSS disallows after 2018.

TLS 1.1

2006Deprecated

Deprecated — no significant improvements over 1.0. Browsers dropped in 2020.

TLS 1.2

2008Secure

Current — widely supported. Use with AEAD cipher suites only.

TLS 1.3

2018Secure

Latest — faster handshake, forward secrecy mandatory, removed legacy ciphers.

About this tool

SSL/TLS is the encryption protocol that secures every HTTPS connection on the web. This reference tool provides a comprehensive guide to SSL/TLS versions, cipher suites, and their current security status, helping developers and security professionals understand which protocols are safe to use and which have known vulnerabilities. Whether you're configuring a web server, auditing your infrastructure, or learning about modern cryptography, this tool cuts through the complexity and gives you the facts.

Use this tool to look up specific SSL/TLS versions (from legacy SSLv3 to modern TLS 1.3) and see their security ratings, supported cipher suites, and key algorithms. You can quickly check whether a cipher suite is secure for production use, verify what algorithms are in a specific TLS version, or understand the differences between symmetric and asymmetric encryption methods. It's invaluable when troubleshooting compatibility issues, upgrading server configurations, or preparing for security compliance audits.

This tool is ideal for system administrators, DevOps engineers, and application security teams who need quick answers without digging through lengthy RFC documents. Note that cryptography standards evolve constantly—always pair this reference with official documentation from IETF or your certificate authority when making critical security decisions.

Frequently Asked Questions

Code Implementation

import ssl
import socket

# Check server's TLS version and cipher
def check_tls(hostname, port=443):
    context = ssl.create_default_context()
    with socket.create_connection((hostname, port)) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as ssock:
            cipher = ssock.cipher()
            version = ssock.version()
            cert = ssock.getpeercert()
            return {
                'version': version,
                'cipher': cipher[0],
                'bits': cipher[2],
                'subject': dict(x[0] for x in cert['subject']),
                'expires': cert['notAfter']
            }

# Configure minimum TLS version
def create_secure_context(min_version=ssl.TLSVersion.TLSv1_2):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = min_version
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    ctx.load_default_certs()
    return ctx

# Example
try:
    info = check_tls('example.com')
    print(f"TLS Version: {info['version']}")
    print(f"Cipher: {info['cipher']} ({info['bits']} bits)")
    print(f"Certificate expires: {info['expires']}")
except Exception as e:
    print(f"Error: {e}")

Comments & Feedback

Comments are powered by Giscus. Sign in with GitHub to leave a comment.