SSL Monitoring

TLS Version Monitoring: Deprecating TLS 1.0 and 1.1

Monitor TLS version support to ensure you've deprecated TLS 1.0 and 1.1 and support TLS 1.3. Protect users from protocol downgrade attacks.

AzMonitor Team · May 5, 2025 · 6 min read · 792 words · Updated January 20, 2026
Tags: TLS monitoring, TLS 1.3, TLS deprecation, SSL security

TLS (Transport Layer Security) is the protocol that secures HTTPS connections. Not all TLS versions are equally secure — TLS 1.0 and 1.1 have known vulnerabilities and have been deprecated by all major browsers since 2020. In 2026, a server that still supports TLS 1.0 or 1.1 presents a security risk through protocol downgrade attacks. Monitoring TLS version support ensures your configuration stays secure.

TLS Version Timeline

| Version | Released | Deprecated | Status in 2026 |
|---------|----------|-----------|----------------|
| SSLv3 | 1996 | 2015 (POODLE) | Blocked by all browsers |
| TLS 1.0 | 1999 | 2020 (all major browsers) | Should be disabled |
| TLS 1.1 | 2006 | 2020 (all major browsers) | Should be disabled |
| TLS 1.2 | 2008 | Not deprecated | Minimum required version |
| TLS 1.3 | 2018 | — | Current standard, required for max speed |

Why TLS 1.0 and 1.1 Are a Security Risk

POODLE (Padding Oracle On Downgraded Legacy Encryption)

POODLE exploits design flaws in SSLv3 and is partially applicable to TLS 1.0. An attacker who can intercept network traffic and force a downgrade to SSLv3 or TLS 1.0 can potentially decrypt session data.

BEAST (Browser Exploit Against SSL/TLS)

BEAST exploits a vulnerability in how TLS 1.0 implements CBC (Cipher Block Chaining) cipher mode. While most modern clients have mitigations, the underlying protocol vulnerability exists.

Protocol Downgrade Attacks

If your server supports both TLS 1.3 and TLS 1.0, an active attacker who can intercept traffic can force the connection to negotiate the weaker TLS 1.0, then exploit its vulnerabilities. Disabling TLS 1.0 and 1.1 eliminates this attack vector entirely.

Monitoring TLS Version Support

From External Monitoring

AzMonitor's SSL monitoring checks TLS configuration as part of every certificate check:

ssl_monitor:
  domain: yoursite.com
  checks:
    - tls_versions:
        reject: [TLSv1.0, TLSv1.1, SSLv3]
        require: [TLSv1.2, TLSv1.3]
    - cipher_suites:
        reject: [RC4, 3DES, NULL, EXPORT, DES]

Manual Verification

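# Note: if your local OpenSSL build cannot offer TLS 1.0/1.1, the first two tests
# fail on the client side and say nothing about the server.

# Test TLS 1.0 (should fail)
openssl s_client -connect yoursite.com:443 -tls1 </dev/null 2>&1 | grep -E "handshake|alert"
# Expected: a handshake failure or protocol version alert (TLS 1.0 rejected)

# Test TLS 1.1 (should fail)
openssl s_client -connect yoursite.com:443 -tls1_1 </dev/null 2>&1 | grep -E "handshake|alert"
# Expected: a handshake failure or protocol version alert (TLS 1.1 rejected)

# Test TLS 1.2 (should succeed)
# "CONNECTED" only shows that the TCP connection opened, so check the negotiated cipher line
openssl s_client -connect yoursite.com:443 -tls1_2 </dev/null 2>&1 | grep "Cipher is"
# Expected: New, TLSv1.2, Cipher is <suite>   ("(NONE)" means the handshake failed)

# Test TLS 1.3 (should succeed)
openssl s_client -connect yoursite.com:443 -tls1_3 </dev/null 2>&1 | grep "Cipher is"
# Expected: New, TLSv1.3, Cipher is <suite>   ("(NONE)" means the handshake failed)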

Using testssl.sh

# Comprehensive TLS configuration check
testssl.sh --protocols --ciphers --server-defaults yoursite.com

# Key output sections:
# SSLv2:     not offered (OK)
# SSLv3:     not offered (OK)
# TLS 1:     not offered (OK)
# TLS 1.1:   not offered (OK)
# TLS 1.2:   offered (OK)
# TLS 1.3:   offered (OK)
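
The reject/require policy from the ssl_monitor config, applied to testssl.sh protocol lines in the form shown above, turns the report into a pass/fail gate. This is an added example, not AzMonitor's or testssl.sh's own code; the function name `check_protocols` and the sample report are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: gate on testssl.sh protocol lines using the reject/require
# policy from the ssl_monitor config. check_protocols is a made-up name.

check_protocols() {   # reads the report on stdin; exit status 1 on any violation
  awk '
    BEGIN {
      n = split("SSLv2,SSLv3,TLS 1,TLS 1.1", r, ","); for (i = 1; i <= n; i++) reject[r[i]] = 1
      n = split("TLS 1.2,TLS 1.3", q, ",");           for (i = 1; i <= n; i++) require[q[i]] = 1
    }
    /^[ #]*(SSLv[23]|TLS 1)/ {
      line = $0; sub(/^[ #]+/, "", line)               # tolerate indentation or "# " prefixes
      offered = (line ~ /offered/ && line !~ /not offered/)
      name = line; sub(/:? +(not )?offered.*/, "", name)   # the colon after the name is optional
      seen[name] = 1
      if (offered && (name in reject))   { print "FAIL " name " is offered"; bad = 1 }
      if (!offered && (name in require)) { print "FAIL " name " is not offered"; bad = 1 }
    }
    END {
      # A required protocol that never appears in the report is a failure, not a pass.
      for (p in require) if (!(p in seen)) { print "FAIL " p " not reported"; bad = 1 }
      exit bad + 0
    }'
}

# Constructed report: TLS 1.0 still enabled and no TLS 1.3 line at all.
sample_report() {
  cat <<'EOF'
SSLv2:     not offered (OK)
SSLv3:     not offered (OK)
TLS 1:     offered (deprecated)
TLS 1.1:   not offered (OK)
TLS 1.2:   offered (OK)
EOF
}

sample_report | check_protocols || echo "policy violated"
```

To use it on a live report, pipe `testssl.sh --color 0 --protocols yoursite.com` into `check_protocols` so that colour codes do not end up in the parsed lines.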

Disabling TLS 1.0 and 1.1

Nginx Configuration

# nginx.conf
ssl_protocols TLSv1.2 TLSv1.3;

# Secure cipher suites
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;  # TLS 1.3 ignores this; good for TLS 1.2

Apache Configuration

# httpd.conf or ssl.conf
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:...
SSLHonorCipherOrder off
SSLSessionTickets off

AWS Application Load Balancer

AWS ALB security policies control TLS version support:

ELBSecurityPolicy-TLS13-1-2-2021-06 → Supports TLS 1.2 and 1.3, blocks older
ELBSecurityPolicy-TLS13-1-3-2021-06 → TLS 1.3 only (most restrictive)

AWS CloudFront

{
  "ViewerCertificate": {
    "MinimumProtocolVersion": "TLSv1.2_2021",
    "SslSupportMethod": "sni-only"
  }
}

TLS 1.3 Performance Benefits

Beyond security, TLS 1.3 provides significant performance improvements:

Faster handshake: TLS 1.3 reduces the handshake from 2 round trips (TLS 1.2) to 1 round trip — saving 50-100ms on initial connections.

0-RTT resumption: TLS 1.3 supports "0-RTT" (zero round-trip time) session resumption for returning clients, sending encrypted data immediately without any handshake delay. 0-RTT data can be replayed by an attacker, so limit it to idempotent requests.

Forward secrecy always on: TLS 1.3 mandates perfect forward secrecy (ephemeral keys), so past sessions can't be decrypted even if the server's private key is compromised.

Enabling TLS 1.3 is both a security improvement and a performance improvement — a rare combination.

Impact Assessment Before Disabling Old TLS Versions

Before disabling TLS 1.0 and 1.1, assess your user base:

Check your server logs for TLS version negotiation:

# Nginx: Count TLS version connections
# Requires $ssl_protocol in the log_format; to cover the last 30 days, include rotated logs
grep -oE "TLSv[0-9.]+|SSLv[0-9]+" /var/log/nginx/access.log | \
  sort | uniq -c | sort -rn

Expected results for a modern site:

98%   TLSv1.3
2%    TLSv1.2
0.01% TLSv1.0  ← Extremely old clients

If you see significant TLS 1.0 usage, investigate the clients. They may be automated systems (payment terminals, old POS systems, legacy enterprise integrations) that need special handling before you can disable TLS 1.0.
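
To find which clients still negotiate old versions, read the protocol from its own log field instead of matching anywhere on the line. This is an added example, not from the original article; the `log_format` named `tls`, the function names and the sample log lines are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. Assumes a hypothetical nginx log format named "tls":
#   log_format tls '$remote_addr [$time_local] "$request" $status '
#                  '$ssl_protocol $ssl_cipher "$http_user_agent"';
# nginx records TLS 1.0 as "TLSv1" in $ssl_protocol.

# Constructed sample (documentation IP ranges, invented user agents).
# The last request has "TLSv1" in its URL, which a whole-line grep would miscount.
sample_log() {
  cat <<'EOF'
203.0.113.10 [05/May/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 TLSv1.3 TLS_AES_128_GCM_SHA256 "Mozilla/5.0"
203.0.113.11 [05/May/2025:10:00:02 +0000] "GET /api HTTP/1.1" 200 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "curl/8.5.0"
198.51.100.7 [05/May/2025:10:00:03 +0000] "POST /pay HTTP/1.1" 200 TLSv1 ECDHE-RSA-AES128-SHA "POS-Terminal/2.1"
198.51.100.7 [05/May/2025:10:00:09 +0000] "POST /pay HTTP/1.1" 200 TLSv1 ECDHE-RSA-AES128-SHA "POS-Terminal/2.1"
198.51.100.9 [05/May/2025:10:00:12 +0000] "GET /sync HTTP/1.1" 200 TLSv1.1 ECDHE-RSA-AES256-SHA "LegacySync/1.0"
203.0.113.10 [05/May/2025:10:00:15 +0000] "GET /TLSv1-faq HTTP/1.1" 200 TLSv1.3 TLS_AES_128_GCM_SHA256 "Mozilla/5.0"
EOF
}

# Requests per negotiated protocol, read from the $ssl_protocol field only.
tls_share() {
  awk -F'"' '{ split($3, mid, " "); n[mid[2]]++ }
             END { for (p in n) print p, n[p] }' "$@" | LC_ALL=C sort
}

# Legacy clients as "count<TAB>ip<TAB>protocol<TAB>user agent", busiest first.
legacy_clients() {
  awk -F'"' '
    { split($1, head, " "); split($3, mid, " "); proto = mid[2] }
    proto == "TLSv1" || proto == "TLSv1.1" || proto == "SSLv3" {
      hits[head[1] "\t" proto "\t" $4]++
    }
    END { for (k in hits) printf "%d\t%s\n", hits[k], k }
  ' "$@" | LC_ALL=C sort -t "$(printf '\t')" -k1,1nr -k2,2
}

sample_log | tls_share
sample_log | legacy_clients
```

Both functions also accept log file paths as arguments, for example `legacy_clients /var/log/nginx/access.log`.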

Add TLS version monitoring to AzMonitor and verify your TLS configuration stays compliant as your infrastructure changes. See also HTTPS monitoring for complete HTTPS security verification.
