What kind of certificates does Let's Encrypt issue TLS or SSL?


#1

Please fill out the fields below so we can help you better.

My domain is:

I ran this command:

It produced this output:

My operating system is (include version):

My web server is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

For all intents and purposes, TLS can be used as a synonym for SSL. SSL is the older name used when the protocol was developed by Netscape (and typically refers to older versions of the protocol, if used in context with TLS), and TLS is what was used after the IETF began to standardize it. There’s no such thing as a certificate that supports SSL but not TLS (or vice versa).


#3

If you have control over your web server config you can decide which protocols you’d like to use. In Apache for example, you could use ONLY TLS 1.2 by placing this in your VirtualHost:

SSLProtocol TLSv1.2

If you wanted to allow SSL and any version of TLS, you’d use this:

SSLProtocol all -SSLv2 -SSLv3

Which disables SSLv2 and v3 because they are now considered insecure.

The trade off is that while TLS 1.2 provides better security, not all clients support it, so folks on older computers might not be able to take advantage of your https functionality if you lock it down to TLS 1.2. Take a look at this table and decide what’s best for your application:

https://en.wikipedia.org/wiki/Template:TLS/SSL_support_history_of_web_browsers


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.