TLS 1.1 was published in 2006 but still uses insecure MD5 and SHA-1 just like TLS 1.0. Both TLS 1.0 & 1.1 are not commonly used by browsers anymore:
Chrome 72 warning, test it on badssl.com links
If a server still supports these then the attacker might be able to downgrade the otherwise secure connection to use these insecure protocols instead of TLS 1.2 or TLS 1.3. Thus it's recommended to disable them but let's check first which browsers still need these old TLS protocols. Just a few of them do, and none of them is a modern one.
You can find out which browsers will be unable to access your server once you disable TLS 1.0 & 1.1 with the SSL Labs Server Test. Enter your Hostname, click
Submit and wait, testing takes a minute or two.
My site gets the best grade but don't act surprised
The test checks your server's HTTPS configuration, and the result should be A or A+. But at the moment, you can get A+ even if you have old TLS enabled. There are a few things that come into play here, check the rating guide. But this post is not about grades, I'll focus mostly on TLS versions below.
The Configuration section starts right below the certificate info. It lists supported protocols and the Handshake Simulation table shows simulated browsers, and tells you which protocols and cipher suites they use to make a connection to your site.
Truncated results of the handshake simulation for a random server
The “handshake” is the first phase of the HTTPS connection. The browser uses it to negotiate protocols, cipher suites, encryption keys with the server. SSL Labs simulates some 50 different browsers and shows the results of the negotiation.
Let's explain the first line but donut worry, it's not a cryptography deep-dive:
Now let's check the last line of the previous picture:
Checking all the lines, you can see which browsers have used TLS 1.0 or 1.1. If you don't want to or don't need to support them just disable these old TLS protocols in your server config. Slevomat.cz, the biggest daily deals site of the Czech Republic (now acquired by Secret Escapes), has disabled old TLS protocols already, so maybe you can too. Your server admin knows how to do that, there's
SSLProtocol in Apache,
ssl_protocols in nginx.
At the bottom of the Handshake Simulation section, there's Not simulated clients (Protocol mismatch) list. These browsers using their default configuration tried to connect to your site using an unsupported protocol. The list looks like this for my site, below is the most interesting part, and the full list also includes old Java, OpenSSL from the day when dinosaurs still roamed the Earth, and Safari 5 & 6 on OS X:
Chrome 49 running on Windows XP can't access my site either because it requires an RSA certificate which I've stopped using. If the browser supports TLS 1.2, it also supports an EC certificate, except this one. If you need to support Chrome 49 on Windows XP you can still deploy both RSA and EC certificates at the same time, provided your server supports multiple certificates. Both Apache and nginx do.
While you are at it, you can also disable unused cipher suites. SSL Labs Server Test marks some of the cipher suites as weak, and some of them even insecure, but you can disable them in your server config if none of the browsers you wish to support requires them. My server offers just 5 cipher suites, and I've used Mozilla's config generator with the “Modern” profile to configure them.
If you want to know more about HTTPS and TLS you can sign up to The Best TLS Training in the World authored by Ivan Ristić, the founder of the SSL Labs site, and run by my friend Scott Helme of Report URI, the tool I also work on. I offer HTTPS training in the Czech Republic, the second best one I guess