TLS v SSL : which should you use

21 June,2022 by Tom Collins

 

TLS SSL
Transparent Layer Security (TLS) Secure Sockets Layer (SSL)
versions: SSL  (1.0, 2.0, 3.0) versions:TLS (1.0,1.1,1.2,1.3)
Vulnerabilities discovered in all versions Vulnerabilities in 1.0& 1.1
Founder: Internet Egineering Taskforce 1999 Founder: Taher Elgamal (Netscape) 1995

 

-In documentation\forums\web sites  -  TLS & SSL are used interchangeably , confusing the issue. TLS should be the priority over SSL given the deprecation status and vulnerabilities.MS SQL supports TL2 1.2  as standard. Microsoft recommends you use TLS 1.2 
-TLS 1.0 & 1.1 now deprecated
-SSL 2.0 & SSL 3.0 were deprecated in 2011 & 2015. Vulnerabilites continue to be discovered - Heartbleed , POODLE 
-Certificates are not dependant on protocols
-The certificate facilitates the handshake between the server & client. At the handshake phase - the protocol version is established , as well as the shared secret & that is the key determinant in the encryption strength.

 

Read more on SSL,TLS & SQL Server

How to generate a self signed certificate for SQL Server with New-SelfSignedCertificate

How to check SSL encryption is enabled on SQL Server with Powershell

How to check a SQL Server connection is encrypted with SSL

TLS , SQL Server and powershell cmdlet - Get-TLSCipherSuite

 


Author: Tom Collins (http://www.sqlserver-dba.com)


Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on TLS v SSL : which should you use


sqlserver-dba.com | SQL Server Performance Tuning | SQL Server DBA:Everything | FAQ | Contact|Copyright & Disclaimer