TLS Configuration Beyond Certificates: Versions, Cipher Suites, HSTS, and OCSP Stapling

TLS 1.0 and 1.1 are still enabled on more servers than they should be. Here's TLS version history and current status, what cipher suites determine (including forward secrecy), HSTS preloading requirements, OCSP stapling, and how to use SSL Labs to grade your TLS configuration.

By sadiqbd · June 9, 2026

TLS Configuration Beyond Certificates: Versions, Cipher Suites, HSTS, and OCSP Stapling

TLS 1.0 and 1.1 are still enabled on more servers than anyone should be comfortable with — and the consequences are exploitable

TLS (Transport Layer Security) is the protocol that encrypts HTTPS connections. The version of TLS a server accepts determines the cryptographic protections available — and older versions have well-documented vulnerabilities that are actively exploited.

A certificate check tells you the certificate is valid. A TLS configuration check tells you whether the connection itself is as secure as it should be.

TLS version history and current status

TLS 1.0 (1999): deprecated. Vulnerable to POODLE, BEAST, and other attacks. PCI DSS banned it in 2018. IETF formally deprecated in RFC 8996 (2021). Should be disabled on all servers.

TLS 1.1 (2006): also deprecated. Removed many TLS 1.0 vulnerabilities but still lacks the forward secrecy properties of later versions. Also deprecated in RFC 8996. Should be disabled.

TLS 1.2 (2008): still widely used and secure with correct cipher configuration. Supports forward secrecy when configured with ECDHE or DHE key exchange. The minimum acceptable version for all production systems.

TLS 1.3 (2018): the current standard. Simplified handshake (1-RTT vs 2-RTT), mandatory forward secrecy, removed all weak cipher suites. Significantly faster and more secure than 1.2.

Browser support: all major browsers removed TLS 1.0 and 1.1 support in 2020 (Chrome 84, Firefox 74, Safari 13, Edge 84). Servers that only support TLS 1.2+ are not penalising any modern browser users.

Cipher suites: what they determine

A cipher suite is a set of algorithms used to secure a TLS connection. Example:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Reading this:

ECDHE — key exchange algorithm (ECDHE = Elliptic Curve Diffie-Hellman Ephemeral)
RSA — authentication algorithm (the server proves its identity using RSA)
AES_256_GCM — symmetric encryption (256-bit AES in Galois/Counter Mode)
SHA384 — message authentication code (integrity checking)

Why cipher suites matter:

Forward secrecy: cipher suites using ECDHE or DHE key exchange provide forward secrecy — even if the server's private key is later compromised, recorded past traffic cannot be decrypted. Cipher suites using RSA key exchange (without DHE/ECDHE) don't provide this property.

Weak ciphers to disable:

RC4: broken; predictable key stream
DES/3DES: too short key length; SWEET32 attack
NULL: no encryption at all
EXPORT ciphers: intentionally weakened for US export regulations (now exploitable)
CBC cipher suites in TLS < 1.2: vulnerable to BEAST and Lucky 13 attacks

HSTS and HSTS preloading

HTTP Strict Transport Security (HSTS) was covered in the security headers post, but the implementation details for maximum protection are worth elaborating:

Basic HSTS:

Strict-Transport-Security: max-age=31536000

Instructs browsers to only connect via HTTPS for one year after first seeing this header.

With subdomain coverage:

Strict-Transport-Security: max-age=31536000; includeSubDomains

The preload directive:

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Submitting to the HSTS preload list (hstspreload.org) gets your domain included in browsers' built-in HSTS list. The browser enforces HTTPS on the first visit — before any HTTP connection is made. This eliminates the "Trust On First Use" window where a user's first HTTP connection could be intercepted before HSTS is established.

Requirements for preload:

max-age of at least 1 year (31536000 seconds)
includeSubDomains directive
preload directive
All subdomains must support HTTPS before submitting

Warning: HSTS preloading is difficult to reverse. If you later need to serve HTTP (for any reason), you'll need to wait months or years for the preload entry to be removed from browser releases.

OCSP stapling

When a browser connects to your site, it needs to verify your certificate hasn't been revoked. Traditionally, this requires a separate OCSP (Online Certificate Status Protocol) query to the Certificate Authority's OCSP responder — adding latency and a privacy concern (the CA learns which sites you visit).

OCSP stapling allows the server to pre-fetch and cache the OCSP response, then "staple" it to the TLS handshake. The browser gets certificate validation without contacting the CA separately.

Benefits:

Eliminates OCSP query latency during TLS handshake
Doesn't leak browsing information to CAs
Provides validation even when CA's OCSP responder is slow or unavailable

How to check: the SSL Labs test shows whether OCSP stapling is enabled.

SSL Labs: the definitive TLS configuration test

Qualys SSL Labs (ssllabs.com/ssltest) is the industry-standard tool for testing TLS configuration. It checks:

TLS versions supported
Certificate chain completeness
Cipher suites offered and their security properties
Forward secrecy support
HSTS header and max-age
OCSP stapling
Support for common attacks (BEAST, CRIME, BREACH, POODLE, Heartbleed, etc.)
Overall grade: A+ (excellent), A, B, C, D, F, or T (trust issues)

Target grade: A or A+. An A+ requires HSTS with long max-age.

Running SSL Labs on any domain you manage identifies configuration issues before attackers do.

Practical TLS configuration

nginx:

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!aNULL:!MD5:!DSS;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Apache:

SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!aNULL:!MD5:!DSS
SSLHonorCipherOrder on
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"

Mozilla's SSL Configuration Generator (ssl-config.mozilla.org) provides server-specific recommended configurations.

How to use the SSL Checker on sadiqbd.com

Enter your domain
Check certificate validity, chain, and expiry — the basics
Note the TLS version — does the server report what TLS versions are supported?
Follow up with SSL Labs for comprehensive cipher suite and forward secrecy analysis

Frequently Asked Questions

Is TLS 1.2 still secure? Yes, with proper cipher configuration. Disable weak cipher suites, require forward secrecy (ECDHE or DHE key exchange), and you have a secure TLS 1.2 configuration. TLS 1.3 is better and faster, but TLS 1.2 remains secure.

Does TLS version affect SEO? Not directly. Core Web Vitals measure page performance, and TLS 1.3's faster handshake slightly improves TTFB, which could have a marginal effect. But Google doesn't explicitly use TLS version as a ranking signal.

Is the SSL Checker free? Yes — completely free, no sign-up required.

TLS configuration is a security layer that most developers set up once and never revisit. A quarterly check with SSL Labs reveals deprecated protocol support and weak cipher suites before they become exploited vulnerabilities.

Try the SSL Checker free at sadiqbd.com — verify certificate validity, chain completeness, and expiry for any domain instantly.