Test SSL Protocol Support
| Protocol | Status | Recommendation |
|---|---|---|
| SSLv2 | SSLv2 is Disabled | SSLv2 is weak and should be disabled. More information. |
| SSLv3 | SSLv3 is Disabled | Consider disabling SSLv3 to mitigate the POODLE attack. Should be disabled for PCI DSS 3.1 Compliance |
| TLSv1 | TLSv1 is Disabled | TLSv1 may be enabled for existing implementations, however PCI DSS 3.1 § 2.2.3 states that: SSL and early TLS are not considered strong cryptography and cannot be used as a security control after June 30, 2016. Prior to this date, existing implementations that use SSL and/or early TLS must have a formal Risk Mitigation and Migration Plan in place. Effective immediately, new implementations must not use SSL or early TLS |
| TLSv1.1 | TLSv1.1 is Disabled | TLSv1.1 may be enabled for existing implementations, however PCI DSS 3.1 § 2.2.3 states that: SSL and early TLS are not considered strong cryptography and cannot be used as a security control after June 30, 2016. Prior to this date, existing implementations that use SSL and/or early TLS must have a formal Risk Mitigation and Migration Plan in place. Effective immediately, new implementations must not use SSL or early TLS. Some assert that the term early TLS includes both TLS 1.0 and 1.1, check with your PCI QSA. |
| TLSv1.2 | TLSv1.2 is Enabled | TLS 1.2 should be enabled. |
Note if there is a problem connecting to your server, or your server doesn't support SSL it will show up as Not Enabled. TLSv1 Should be enabled if you are accepting HTTPS connections.
Test run at: Wednesday, March 22, 2023 6:42:41 PM Coordinated Universal Time by 18.205.66.93
Using IIS? Try our tool for disabling SSL protocols and enabling TLS 1.2 on IIS:
