The Difference Between TLS and SSL

What is the relationship between an SSL and TLS? Most of us are familiar with SSL (Secure Socket Layer) but not TLS (Transport Layer Security). Both protocols are used to transmit online data securely between two endpoints. SSL is older than TLS, but all SSL certificates can use both SSL and TLS encryption. TLS is the replacement protocol to SSL as TLS is the updated version of the SSL protocol. TLS operates similarly to SSL by using encryption methods to ensure secure communication.

We will call the actual certificate an “SSL certificate” to distinguish the encryption type, from the credentials. SSL has its origins in the early 1990s. Netscape and AOL first coined the term SSL.

TLS issues generally arise when the Apache service fails a PCI scan. You may have also noticed that your SSL certificate mentions TLS when you are ordering the certificate. Two questions now arise;

What is TLS as it relates to an SSL?

Which of the two should you be using?

In the upper left corner of a web page, you can see a green lock. This indicates the site is secured and communication is encrypted. While it may not appear to play a pivotal role, it actually plays a critical part in securing the site. The SSL is what your web browser uses to indicate the data being sent and received is secure. An SSL creates a secure tunnel for HTTPS communication to occur. TLS is the updated version of SSL and should be used. TLS version 1.3 is the latest implementation of this protocol.

HTTPS stands for Hyper Text Transfer Protocol Secure. This is different from regular HTTP which does not have SSL present. In the web browsers address bar, a red lock or a yellow triangle may be seen. This indicates that the connection is not encrypted.

#technical support #browser #https #pci #pci compliant #protocols #security #version