Module 2 · TLS in Practice

Manish Garg
Manish Garg Associate of (ISC)² · RingSafe
Apr 22, 2026
4 min read
Read as

Last updated: April 29, 2026

TLS 1.2/1.3, cipher suites, handshake, certificate validation, HSTS, CT, common misconfigurations, testing with testssl.sh.

TLS (Transport Layer Security) is the protocol that secures nearly every HTTPS, SMTPS, and many other connections. Knowing what version, cipher suites, and configuration to deploy — and how to test them — is essential. This module covers TLS 1.2 / 1.3 in 2026, certificate validation, common misconfigurations, and the testing approach that matters.

TLS versions in 2026

  • TLS 1.0, 1.1 — deprecated, removed from major browsers since 2020. Disable in any service config
  • TLS 1.2 — still acceptable; widespread support; backward compatibility
  • TLS 1.3 — modern default; faster handshake, simpler protocol, fewer footguns. Should be preferred

Mature deployments: TLS 1.2 + 1.3 enabled, all earlier versions disabled.

Want this for your team?

Custom team training + practitioner advisory

Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.

Book team training call Replies in 4 working hrs · India-only · Senior consultants
← Previous · Module 1
Module 1 · Modern Cryptography Fundamentals
← Back to Academy Hub
Continue Learning

Other modules in this track

View all modules
Academy
Module 1 · Beginner

Symmetric, asymmetric, hashing, MACs, password hashing, RNG, libsodium, post-quantum status, the cardinal rule.

Apr 22, 2026 · 5 min read
Academy
Module 3 · Intermediate

CAs, cert types, ACME, lifecycle, revocation, internal PKI, service mesh PKI, code signing, lifetime trends.

Apr 22, 2026 · 5 min read
Academy
Module 4 · Advanced

Vault, dynamic secrets, rotation strategies, CI/CD secrets, leak detection, multi-environment isolation, audit.

Apr 22, 2026 · 5 min read