TLS Version Comparison

Comparison reference for TLS 1.0/1.1/1.2/1.3 covering versions, cipher suites, handshake, certificates, extensions, deprecated features, and best practices

Related Categories:SSL/TLSSecurity

49 commands

TLS 1.0 (1999)

Successor to SSL 3.0. Deprecated due to known vulnerabilities

ssl_protocols TLSv1; # 非推奨

TLS 1.1 (2006)

Added CBC attack mitigations. Now deprecated

ssl_protocols TLSv1.1; # 非推奨

TLS 1.2 (2008)

AEAD cipher suite support. Still widely used

ssl_protocols TLSv1.2;

TLS 1.3 (2018)

Faster handshake, mandatory forward secrecy. Recommended

ssl_protocols TLSv1.3;

TLS 1.3 0-RTT

Reduce latency with TLS 1.3 0-RTT resumption

ssl_early_data on; # リプレイ攻撃に注意

バージョン確認 (openssl)

Check TLS version with openssl

openssl s_client -connect example.com:443 -tls1_3

バージョン確認 (nmap)

Scan supported TLS versions with nmap

nmap --script ssl-enum-ciphers -p 443 example.com

プロトコルネゴシエーション

Negotiate TLS version between client and server

ClientHello: supported_versions: [TLS 1.3, TLS 1.2]

AES-128-GCM

Recommended AEAD cipher for TLS 1.2/1.3. Fast and secure

TLS_AES_128_GCM_SHA256

AES-256-GCM

256-bit AES-GCM. Highest level of encryption strength

TLS_AES_256_GCM_SHA384

CHACHA20-POLY1305

AEAD cipher fast on mobile/ARM environments

TLS_CHACHA20_POLY1305_SHA256

ECDHE鍵交換

Elliptic curve Diffie-Hellman for forward secrecy

ECDHE-ECDSA-AES256-GCM-SHA384

暗号スイート順序

Control cipher suite priority on server side

ssl_prefer_server_ciphers on;

暗号スイート一覧表示

List supported cipher suites with OpenSSL

openssl ciphers -v 'TLSv1.3'

Nginx暗号設定

Configure recommended cipher suites in Nginx

ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';

Apache暗号設定

Configure recommended cipher suites in Apache

SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:...

TLS 1.2 フルハンドシェイク

TLS 1.2 requires 2-RTT full handshake

ClientHello -> ServerHello -> Certificate -> Done

TLS 1.3 フルハンドシェイク

TLS 1.3 completes handshake in 1-RTT

ClientHello+KeyShare -> ServerHello+Finished

セッション再開

Speed up reconnection with session tickets

ssl_session_tickets on; ssl_session_timeout 1d;

ClientHello

Client sends supported protocols, ciphers, and extensions

openssl s_client -connect host:443 -msg | head -20

ServerHello

Server responds with selected protocol and cipher

ServerHello: TLS 1.3, TLS_AES_256_GCM_SHA384

ハンドシェイクデバッグ

Debug TLS handshake details

openssl s_client -connect host:443 -debug -state

ALPN

Negotiate protocol with ALPN

openssl s_client -connect host:443 -alpn h2,http/1.1

証明書確認

Check server certificate details

openssl s_client -connect example.com:443 | openssl x509 -text

証明書有効期限確認

Check SSL certificate expiration date

openssl s_client -connect host:443 2>/dev/null | openssl x509 -noout -dates

Let's Encrypt発行

Obtain free SSL certificate with Let's Encrypt

certbot certonly --nginx -d example.com

CSR生成

Generate Certificate Signing Request (CSR)

openssl req -new -key server.key -out server.csr

自己署名証明書

Create self-signed certificate for development

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

証明書チェーン検証

Verify certificate chain integrity

openssl verify -CAfile ca-bundle.crt server.crt

ECDSA証明書

Generate ECDSA certificate (faster than RSA)

openssl ecparam -genkey -name prime256v1 -out key.pem

SNI (Server Name Indication)

Host multiple certificates on a single IP

openssl s_client -connect host:443 -servername example.com

OCSP Stapling

Cache certificate revocation check on server side

ssl_stapling on; ssl_stapling_verify on;

Certificate Transparency

Ensure certificate transparency with CT logs

Expect-CT: max-age=86400, enforce

Encrypted ClientHello (ECH)

Encrypt SNI in ClientHello with TLS 1.3

ssl_ech on; # 実験的機能

Key Share

Include key share parameters in ClientHello for TLS 1.3

supported_groups: x25519, secp256r1

SSL 2.0 無効化

SSL 2.0 has critical vulnerabilities, must be disabled

ssl_protocols TLSv1.2 TLSv1.3; # SSL無効

SSL 3.0 無効化

Disable SSL 3.0 vulnerable to POODLE attack

SSLProtocol all -SSLv3

RC4無効化

RC4 cipher is breakable and must not be used

ssl_ciphers '!RC4';

3DES無効化

Disable 3DES vulnerable to Sweet32 attack

ssl_ciphers '!3DES';

MD5無効化

Do not use MD5 for hashing due to collision attacks

ssl_ciphers '!MD5';

SHA-1非推奨

SHA-1 vulnerable to collision attacks, not for certificates

openssl x509 -in cert.pem -text | grep sha1 # 検出

静的RSA鍵交換非推奨

Disable static RSA key exchange (no forward secrecy)

ssl_ciphers '!kRSA';

Mozilla SSL Configuration Generator

Generate recommended config with Mozilla SSL Config Generator

https://ssl-config.mozilla.org/

SSL Labs テスト

Test server TLS configuration with SSL Labs

https://www.ssllabs.com/ssltest/

testssl.sh

Comprehensive TLS testing from command line

testssl.sh https://example.com

HSTS設定

Enable HTTP Strict Transport Security

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

証明書自動更新

Auto-renew Let's Encrypt certificates with cron

0 0 1 * * certbot renew --quiet

CAA レコード設定

Restrict allowed CAs with DNS CAA record

example.com. CAA 0 issue "letsencrypt.org"

TLS 1.2+1.3 推奨設定

Recommended config enabling only TLS 1.2 and 1.3

ssl_protocols TLSv1.2 TLSv1.3;