TLS 1.3 is Faster, How to Implement TLS 1.3 on Your Website

The TLS 1.3 Protocol is faster and safer than previous TLS versions.

Why it’s Faster and Safer

Previous TLS version requires two round-trips to complete handshake. TLS 1.3 requires only one round-trip. It also supports zero round trip mode (TLS 1.3 0-RTT), sending data on the first message to the server.

To be compatible with old browsers, TLS 1.2 allows server admins to enable older cipher suites. TLS 1.3, however, removes support for obsolete cipher suites.

Enable TLS 1.3 with CloudFlare

TLS 1.3 is available to all CloudFlare customers. CloudFlare enables TLS 1.3 by default to all free and paid customers. In CloudFlare dashboard, select the crypto tab and you will see the option to enable/disable TLS 1.3.

cloudflare-enables-tls-1-3-for-all-free-and-paid-customers

TLS 1.3 is currently a draft, but should be finalized by the end of 2016.

Browser Support for TLS 1.3

Firefox 49 supports TLS 1.3 but it’s not enabled by default. To enable TLS 1.3, type

about:config

in the address bar, then set

security.tls.version.max

from 3 to 4 and restart Firefox 49.

enable-tls-1-3-in-firefox

To confirm that TLS 1.3 is being used between Firefox and your website, refresh your website in Firefox, then press CTRL+I, then select the security tab in the new window. At the bottom you can see which TLS version is being used.

firefox-tls-1-3-support

Google Chrome supports TLS 1.3 in the canary channel. First you need to install Chrome canary. Then enter

chrome://flags

in the address bar. Find Maximum TLS version enabled, set it to TLS 1.3. Microsoft Edge browser also supports TLS 1.3.

Rate this tutorial
[Total: 1 Average: 5]

Leave a Reply

Your email address will not be published. Required fields are marked *