You currently have TLSv1 enabled, should i increase?


when i test my ssl on my site on a ssl checker its all good except for this:

Protocols You currently have TLSv1 enabled.
This version of TLS is being phased out. This warning won’t break your padlock, however if you run an eCommerce site, PCI requirements state that TLSv1 must be disabled by June 30, 2018.

Should I increase the minimum tls version and is it safe to do so? or will it block people ?


Most modern browsers and OSes support at least TLS 1.2. Since it is required to deactivate TLS <1.2 you should do so to stay PCI DSS compliant.

My two cents:
Think about what’s worse. You either lose (I guess) less than 1% of your customers by disabling 1.0 and 1.1 or your PCI DSS compliance which will definitely cost you money.

Use analytic tools to get an idea of how many customers are visiting with such old browsers or OS versions that doesn’t support modern encryption.

closed #3

This topic was automatically closed after 14 days. New replies are no longer allowed.