TLS 1.2

The 2008 TLS version that remains widely deployed alongside TLS 1.3 for compatibility with older clients.

TLS 1.2 (RFC 5246) is the version of TLS published in 2008. It introduced authenticated encryption suites (AES-GCM), SHA-256 in PRF and signatures, and removed MD5/SHA-1 from required suites. It remains widely supported alongside TLS 1.3 because older clients (legacy Android, Java 7, Windows 7 era browsers) cannot negotiate 1.3. A well-configured TLS 1.2 deployment uses only forward-secret ECDHE suites, AEAD ciphers, and disables RC4, 3DES, CBC, and static RSA key exchange. TLS 1.0 and 1.1 were deprecated by RFC 8996 in 2021.

Reference

RFC 5246
RFC 8996 (deprecating TLS 1.0/1.1)

Related terms

TLS 1.3
Cipher Suite
Forward Secrecy
TLS Handshake
SSL/TLS

Referenced on

HTTP Header Checker
Privacy Policy - DNS Checker
SHA-256 Generator Free Online
SMTP Diagnostics
SSL/TLS Error Codes Reference and Fixes

Back to the full glossary