HTTPS: Difference between revisions
Jump to navigation
Jump to search
| Line 4: | Line 4: | ||
* Support TLSv1.3 | * Support TLSv1.3 | ||
* Do not support SSLv3 or lower | * Do not support SSLv3 or lower | ||
* Disable support for TLS 1.0 and TLS 1.1, but beware of incompatible clients | |||
Revision as of 15:07, 4 September 2019
Ways to improve HTTPS connections
- DNS CAA records - these restrict which certificate authorities are valid for the domain.
- Support TLSv1.3
- Do not support SSLv3 or lower
- Disable support for TLS 1.0 and TLS 1.1, but beware of incompatible clients