The end of TLS v1.0 and v1.1 is near – the most popular browsers will either display a warning message when you visit a TLS 1.0/1.1 site or require user intervention and confirmation to connect to the website.
What is TLS / Transport Layer Security?
The aforementioned security protocols are pretty old now, released in 1996 and 2006, respectively. The cryptographic algorithms used are weak and outdated by modern standards. They are susceptible to several cryptographic attacks, which allow the attacker to decrypt the HTTPS protocol and see the user's traffic in plain text. The attacks are the following: LUCKY 13, BEAST, SWEET 32, POODLE, and CRIME.
When the browser changes take effect, users hitting a site running TLS v1.0 or v1.1 will not be able to connect directly but will first see a message: "Secure connection failed" or "Your connection is not fully secure," depending on the used browser. You can ignore the warning and proceed to the website at your own risk.
Needless to say, you should already be using TLS 1.2 or TLS 1.3 for your website. However, according to Netcraft's scans, you will be surprised that more than 850,000 websites are still using outdated algorithms.
So, how can you tell if your website still uses the outdated TLS 1.0/1.1 algorithms? We can help you – head over to our free SSL/TLS Certificate Validation Tool.
Type in the name of your website and click the Test Now button. Once the test is completed, look for the Connection protocol field, as shown in the screenshot. We can all sigh with relief that Google uses a modern version of the algorithm – TLS 1.2.