How to check TLS version of a website

0 votes
I want to verify the security of a website’s connection by checking which version of TLS (Transport Layer Security) it is using. What are the easiest methods or tools to determine the TLS version in use on a website?
I’m looking for practical, hands-on ways to check this, whether via a browser extension, command-line tools like OpenSSL, or online services.
Nov 21 in Cyber Security & Ethical Hacking by Anupam
• 5,390 points
25 views

1 answer to this question.

0 votes

There are various ways to confirm the TLS version that a website is using, from internet services and command-line tools to browser-based applications. Here's how to accomplish it:

1. Using Browser Developer Tools

Modern browsers let you inspect the security details of a connection.

Google Chrome/Edge:

  • Open the website.
  • Click the lock icon in the address bar.
  • Select "Connection is secure" or equivalent.
  • Go to Certificate (Valid) → Details → Look for "Protocol" or similar information.

Mozilla Firefox:

  • Open the website.
  • Click the lock icon.
  • Select "Connection secure" → "More Information".
  • The "Connection" tab will show the TLS version.

2. Using OpenSSL

You can use the OpenSSL command-line tool to test the TLS version.

Check with Default Protocols:

openssl s_client -connect <website>:443

Look for the Protocol in the output (e.g., TLSv1.2 or TLSv1.3).

Force a Specific TLS Version:

To test TLS 1.2:

openssl s_client -connect <website>:443 -tls1_2

To test TLS 1.3:

openssl s_client -connect <website>:443 -tls1_3

If the connection fails, the server does not support the specified version.

3. Using Curl

Curl can help you determine the TLS version by forcing specific versions.

Check with the default:

curl -v https://<website>

Look for SSL connection using in the output.

Force specific versions:

curl --tlsv1.2 https://<website>
curl --tlsv1.3 https://<website>

4. Using Online Tools

Several online services can provide detailed TLS version information.

SSL Labs (Qualys):

  • Visit SSL Labs.
  • Enter the website URL.
  • The report will include supported TLS versions and their configuration.

Hardenize:

Hardenize also provides a comprehensive analysis of TLS versions and security settings.

5. Using Nmap

The Nmap network scanner can also test TLS versions.

Run the SSL-enum-ciphers script:

nmap --script ssl-enum-ciphers -p 443 <website>

Look for the "TLSv1.2" or "TLSv1.3" in the output under SSL/TLS Protocols.

6. Wireshark

Use Wireshark to analyze TLS handshakes if you have access to the network traffic.

  • Start capturing packets.
  • Visit the website in a browser.
  • Filter by tls.handshake.type == 1 (Client Hello).
  • Inspect the handshake details to see the negotiated TLS version.
answered Nov 22 by CaLLmeDaDDY
• 6,540 points

Related Questions In Cyber Security & Ethical Hacking

0 votes
1 answer
0 votes
1 answer

How to find password of a wifi using ubuntu 18.06?

To hack a wifi password using ubuntu: You ...READ MORE

answered Apr 24, 2020 in Cyber Security & Ethical Hacking by Kim

edited Oct 6, 2021 by Sarfaraz 40,837 views
+1 vote
1 answer

How do you decrypt a ROT13 encryption on the terminal itself?

Yes, it's possible to decrypt a ROT13 ...READ MORE

answered Oct 17 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 6,540 points
114 views
+1 vote
1 answer
+1 vote
1 answer
+1 vote
1 answer
0 votes
1 answer

How to find subdomains of a domain?

To enumerate subdomains of a domain, there ...READ MORE

answered Nov 7 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 6,540 points
40 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP