More About TLS and SSL
Last modified: March 27, 2023
Overview
This document explains the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols and how servers use them.
cPanel & WHM supports Transport Layer Security (TLS) protocol version 1.2 and Transport Layer Security (TLS) protocol version 1.3:
- Beginning in cPanel and WHM version 86, cPanel & WHM only supports TLSv1.2 or later. The system also enables TLSv1.2 by default.
- In cPanel and WHM version 84 or earlier, cPanel & WHM strongly recommends that you enable TLSv1.2 on your server.
- Not all internet browsers or clients will support TLSv1.3, which requires OpenSSL 1.1.1 or higher.
TLS and SSL
TLS and SSL are two cryptographic protocols that clients and servers use for secure communication over the internet. Systems frequently use them for email and web browsing.
Both of these protocols initiate a “handshake,” during which your server and the user’s computer agree upon specific conditions. These conditions include, most importantly, a set of public and private keys that they will use to encrypt and decrypt messages during the secure session.
As a web server, your server will identify itself with a certificate when it receives a secure request from a user. These certificates are either self-signed or verified through a certificate authority (CA).
Servers generate and sign their own self-signed certificates. We do not recommend self-signed certificates because they do not use a third-party verification system, and any server can spoof your server. To remedy this issue, we recommend that you use a certificate that you obtain through a CA. The CA verifies the identity of your server to secure user requests.