Difference between revisions of "Transport Layer Security (TLS)"
Jump to navigation
Jump to search
Line 63: | Line 63: | ||
== Related terms == | == Related terms == | ||
+ | * [[Key Exchange]] | ||
* [[SMTPS]] ((TCP port number 465 using TLS)) (deprecated) | * [[SMTPS]] ((TCP port number 465 using TLS)) (deprecated) | ||
* [[HTTPS]] | * [[HTTPS]] |
Revision as of 10:54, 22 February 2024
wikipedia:Transport Layer Security cryptographic protocol successor to SSL (deprecated since 2011).
Once the client and server have agreed to use TLS, they negotiate a stateful connection by using a handshaking procedure. The protocols use a handshake with an asymmetric cipher to establish not only cipher settings but also a session-specific shared key with which further communication is encrypted using a symmetric cipher.
- https://support.apple.com/en-us/HT211025, 398 days
macOS 10.15 (June 2019) and IOS 13 requirements (https://support.apple.com/en-us/HT210176)
- TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits
- SHA-2
Protocol | Published | Status |
---|---|---|
SSL 1.0 | Unpublished | Unpublished |
SSL 2.0 | 1995 | Deprecated in 2011 (RFC 6176) |
SSL 3.0 | 1996 | Deprecated in 2015 (RFC 7568) |
TLS 1.0 | 1999 | Deprecation planned in 2020 |
TLS 1.1 | 2006 | Deprecation planned in 2020 |
TLS 1.2 | 2008 | |
TLS 1.3 | 2018 |
Errors
Related terms
- Key Exchange
- SMTPS ((TCP port number 465 using TLS)) (deprecated)
- HTTPS
- STARTTLS
podman pull --tls-verify=false
ssl_protocols
Nginx directive- Your connection is not private
- NET::ERR CERT INVALID
- ALB: AWS Application Load Balancer (ALB)
- SSL Certificate Checker
- Datagram Transport Layer Security (DTLS)
tls_private_key
- k8s cert-manager
- Predefined SSL security policies for Classic Load Balancers
- Certificate signed by unknown authority
- SSL/TLS Protocol: TLSv1.2,ECDHE-ECDSA-CHACHA20-POLY1305,256,256
- openssl s client -connect
See also
- Certificate:
.pem
,.ppk
,.pfx
,.p12
,.cer, .crt
,openssl pkcs12
,.csr
,.pub
, PFX, PKCS, PKCS - TLS, mTLS: OpenSSL, LibreSSL, BoringSSL, WolfSSL, X.509,
.pem
, SNI, CT, OCSP, Mbed TLS, ALPN,your connection is not private
, SSL Certificate Checker, Wildcard certificate, JA3 fingerprint, sslcan, TLS inspection
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Source: wikipedia
Advertising: