Many software vendors and web services have decided to follow the latest industry security standards and upgrade their information sharing protocol to the latest version – TLS v1.2. It is not recommended to set the minimum TLS to 1.3, unless there is a specific use case, as this will likely cause issues with search engine crawlers and certain browsers.Since SSL is considered an outdated technology and may be subject to security vulnerabilities in the future, it is strongly recommended to use TLS v1.1 or newer if possible. However, you also need to ensure that your users upgrade to a TLS 1.2 compliant browser.
These sites might already have more stringent security requirements or might be subject to PCI compliance. In this way, you minimize the possibility that some clients cannot connect to your site securely.įor a narrow user base and sites that run internal applications or business and productivity applications, Cloudflare recommends TLS 1.2. Depending on your particular business situation, this may present some limitations in using stronger encryption standards.Ĭonsider using TLS 1.0 or 1.1 for sites with a broad user base, particularly non-transactional sites. Not all browser versions support TLS 1.2 and above.
TLS 1.3, which offers additional security and performance improvements, was approved by the Internet Engineering Task Force (IETF) in May 2018. Cloudflare recommends migrating to TLS 1.2 to comply with the PCI requirement. TLS 1.2 includes fixes for known vulnerabilities found in previous versions.Īs of June 2018, TLS 1.2 is the version required by the Payment Card Industry (PCI) Security Standards Council.
Understand TLS versionsĪ higher TLS version implies a stronger cryptographic standard.
* error:1400442E:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alertįor guidance on which TLS version to use, review the information outlined below. If the TLS version you are testing is blocked by Cloudflare, the TLS handshake is not completed and returns an error:
0 kommentar(er)
