TLS Version Checker
Test which TLS versions your server supports. Verify TLS 1.3 and TLS 1.2 compatibility.
About SSL Certificate Checker
Comprehensive SSL/TLS certificate analyzer that validates certificate chains, checks expiration dates, and verifies hostname matching from multiple global locations.
Key Features
Multi-region SSL validation
Certificate chain verification
Expiration monitoring
TLS version detection
Hostname validation
TLS (Transport Layer Security) version determines the encryption protocols your server uses. TLS 1.0 and 1.1 are deprecated and blocked by all major browsers since 2020. Modern sites should support TLS 1.2 and TLS 1.3 for optimal security and performance.
Our TLS checker identifies which protocol versions your server accepts and highlights outdated configurations. TLS 1.3 offers faster handshakes and stronger security—verify your server supports it from all global regions.
**Methodology:** TLS handshake testing each protocol version (1.0, 1.1, 1.2, 1.3) from 6 regions to identify supported versions.
Common SSL Errors & How to Fix Them
4 relevant issuesModern browsers block TLS 1.0/1.1 connections. May work on old systems but fail on new ones.
Disable TLS 1.0 and 1.1 on your server. Enable TLS 1.2 and 1.3. For Apache: SSLProtocol -all +TLSv1.2 +TLSv1.3. For Nginx: ssl_protocols TLSv1.2 TLSv1.3;
Server supports TLS 1.2 but not TLS 1.3. Missing performance and security benefits.
Upgrade your web server to a version supporting TLS 1.3 (OpenSSL 1.1.1+, nginx 1.13+, Apache 2.4.37+). Update ssl_protocols to include TLSv1.3. Verify with this tool after configuration.
Connection works but uses outdated encryption (DES, RC4, export ciphers).
Configure strong cipher suites only. Recommended: ECDHE+AESGCM:ECDHE+CHACHA20. Disable CBC mode ciphers if possible. Use Mozilla SSL Configuration Generator for your server type.
Connection fails before exchanging any data. May be regional or affect specific clients.
Check server firewall allows port 443. Verify SNI is configured correctly for multiple domains. Ensure cipher suites match client capabilities. Check for IP blocking or rate limiting.
Frequently Asked Questions
4 relevant questionsModern servers should support TLS 1.2 and TLS 1.3. TLS 1.3 is the latest standard with improved security and faster handshakes. TLS 1.0 and 1.1 are deprecated and blocked by major browsers since 2020. If our tool shows TLS 1.0/1.1, update your server configuration immediately to maintain security and browser compatibility.
TLS 1.3 offers: 1) Faster connections with 1-RTT handshakes (vs 2-RTT in TLS 1.2), 2) Zero-RTT resumption for returning visitors, 3) Removed insecure algorithms (RSA key exchange, CBC ciphers), 4) Forward secrecy mandatory, 5) Encrypted handshake hiding more metadata. Most modern servers and browsers support TLS 1.3 since 2018.
For Nginx: ssl_protocols TLSv1.2 TLSv1.3; For Apache: SSLProtocol -all +TLSv1.2 +TLSv1.3. For IIS: Use registry keys or IIS Crypto tool. After changes, restart your web server and test with this tool to confirm old versions are disabled. Note: This may break very old clients (IE 10, Android 4.x).
Our health score (0-100) weighs: certificate validity across all tested regions (60%), days until expiry (20% - higher scores for >60 days), TLS version (10% - TLS 1.3 scores highest), and cipher strength (10% - 256-bit encryption preferred). A score of 80+ indicates excellent certificate health. Below 50 requires immediate attention.
Related Tools
View All Tools →Related Tools
Global Infrastructure Verification
Verify SSL certificates, DNS records, and connectivity from 6+ regions worldwide. Get automated monitoring, expiry alerts, and full API access.