It is important to check the version of encryption that your website uses. Website owners have roughly six months to upgrade or risk disruption to domain access
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. If you don’t have the SSL certificate, a secure connection cannot be established, which means, your company information will not be protected from eavesdroppers.
The currently supported version of SSL is TLS 1.3 which was introduced in 2018 and TLS 1.2, introduced in 2008.
The TLS (Transport Layer Security) protocol aims primarily to provide privacy and data integrity between two or more communicating computer applications. When secured by TLS, connections between a client (e.g., a web browser) and a server (e.g., google.com) are encrypted which makes them secure.
There have been flaws found in encryption prior to TLS 1.2 and major browser publishers have detailed timelines for discontinuing support. Essentially, this means the websites can no longer be read.
Google announced last year that it would stop supporting websites with less than TLS 1.2 encryption with Chrome version 81. This version was released in April 2020. This means if your website doesn’t have an SSL certificate supporting at least TLS 1.2, Google will display a ‘Not Secure’ in the URL bar.
They also announced in March due to the COVID 19 pandemic that support for versions of TLS earlier than 1.2 would be intended until Chrome version 84, which is currently in www. Therefore it is essential to make certain that your web site has at least TLS 1.2 or higher for security or your site will not be able to be read using Chrome.
Microsoft announced that support for TLS versions earlier than 1.2 will end in the second half of 2020. Other browsers such as FireFox and Safari have similar plans.
You can check the SSL encryption used on any site by doing this.
- Go to the DigiCert SSLTools website.
- Click “Check SSL/TLS.
- Enter in your website address and click “Check”. I recommend entering it as *.example.com
- Once it’s done checking, click on “Server Configuration” at the right of the screen.
- In the top-left corner of the results, it should say “Protocols enabled” and under that, you will hopefully see “TLS1.2”. If so, you’re all set!