Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  5. TLS 1.2 not supported

Author: Government Digital Service

TLS 1.2 not supported

What this means

TLS 1.2 is a widely accepted secure cryptographic protocol for encrypting network communications.

A server not supporting TLS 1.2 may force clients to use older, insecure versions like TLS 1.0 or 1.1.

Why this is a problem

Older TLS versions (1.0, 1.1) are vulnerable to attacks like BEAST and POODLE.

Security standards (e.g., PCI-DSS) require TLS 1.2 or higher.

Modern browsers and applications no longer support TLS 1.0 and 1.1, leading to service disruptions.

How to check if the problem is there

Check the webserver’s SSL/TLS configuration to determine what protocols are available and enabled.

There are a number of online tools such as Qualys SSL Labs which can be used to check what cipher suites and protocols are enabled on a website.

How to fix this

Disable outdated protocols such as TLS 1.0 and TLS 1.1 and ensure the server uses TLS 1.2 and TLS 1.3.

If only TLS 1.3 is enabled, you may wish to consider enabling TLS 1.2 to help accessibility from certain devices and browsers.

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now