I have read that TLS certificate are more secure than the SSL one, is it correct?
I have installed SSL cert on a flask app on a linux and nginx framework and was wondering if there is a quick way to shift from SSL to TLS cert?
Thanks in advance!
SSL and TLS are the same. There is no distinct SSL or TLS certificate, at least not in 2022.
SSL - Secure Sockets Layer - is the historic name of the protocol used for encryption in the web. SSLv2 and SSLv3 were the versions in use around 20 years ago.
At some point some things happened and the IETF wrote a standard out of the existing SSL protocol and for reasons they named the protocol TLS, Transport Layer Security.
Both SSL and TLS used X.509 certificates, which is what you get from any public CA such as Let's Encrypt.
Today, SSL effectively no longer exists. It is unsupported by all modern systems. However the name SSL remains in widespread use, even though the protocol is named differently today.
Ok I see. Very interesting, thanks a lot for these informations!
There's only one version of certificates in use, which is independent of the TLS/SSL version. Your Certificate Authority (whether Let's Encrypt or otherwise) will always give you an x509 version 3 certificate.
The SSL/TLS version is controlled by the web server (and browser or other client). The history goes something like this:
SSLv2 (1995), SSLv3 (1996), TLS 1.0 (1999), TLS 1.1 (2006), TLS 1.2 (2008), TLS 1.3 (2018).
As you can see, the name changed and numbering restarted in 1999. Plenty of people still use the old SSL name. One example of this is a common software implementation named OpenSSL, which implements both SSL and TLS.
TLS 1.2 and 1.3 are both widely used today. Some TLS 1.0 and 1.1 use may remain. SSL v3 is basically dead now, and SSLv2 has been very dead for many years.
If you want to check a webserver's TLS configuration, there are some online tools that can help:
(and many more!)
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.