Cipher suites: the algorithms of TLS cryptography
When a browser connects to an HTTPS server, the first step is the TLS handshake: client and server negotiate which combination of cryptographic algorithms (the cipher suite) to use for the connection. A cipher suite consists of four algorithms: key exchange (such as ECDHE, which ensures forward secrecy), authentication (RSA or ECDSA to verify the server's identity), symmetric encryption (AES-256-GCM to encrypt data), and a hash function (SHA384 for integrity). The security of the connection depends entirely on the strength of these algorithms.
The TLS Cipher Test analyzes the cipher suites offered by the server during the handshake, checking supported TLS versions, cipher preference order, presence of weak or obsolete ciphers, and support for advanced features like forward secrecy. A well-configured server offers only modern and secure cipher suites, with TLS 1.2 and 1.3 as the only supported versions, and forward secrecy on all connections.
Secure vs obsolete ciphers
Ciphers to absolutely avoid: RC4 (broken), DES and 3DES (weak), MD5 (known collisions), export ciphers (deliberately weakened cryptography), and any cipher without forward secrecy (direct RSA key exchange). Recommended ciphers use ECDHE for key exchange (forward secrecy), AES-GCM or ChaCha20-Poly1305 for encryption, and SHA256+ for hashing. TLS 1.3 simplifies the choice: it offers only secure cipher suites by design.
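The checklist above can be applied mechanically to the suite names a server offers. The following is an added example, not code from the TLS Cipher Test itself: it assumes IANA-style suite names, the sample offer list is constructed, and `classify` and `audit` are hypothetical helper names.

```python
# Added example: classify IANA cipher suite names against the article's criteria.
AVOID = {  # token in the suite name -> reason given in the article
    "RC4": "RC4 (broken)",
    "DES": "DES (weak)",
    "3DES": "3DES (weak)",
    "MD5": "MD5 (known collisions)",
    "EXPORT": "export cipher (deliberately weakened)",
}

def classify(suite):
    """Return (verdict, reasons) for one IANA-style cipher suite name."""
    body = suite.removeprefix("TLS_")
    tokens = set(body.split("_"))
    reasons = [why for tok, why in AVOID.items() if tok in tokens]
    tls13 = "_WITH_" not in body  # TLS 1.3 names carry no key exchange field
    if not tls13:
        kx = body.split("_WITH_")[0]
        # ECDHE is the article's recommendation; DHE is also ephemeral.
        if not kx.startswith(("ECDHE", "DHE")):
            reasons.append("no forward secrecy (key exchange: " + kx + ")")
    if reasons:
        return "avoid", reasons
    aead = "GCM" in tokens or {"CHACHA20", "POLY1305"} <= tokens
    if tls13 or (aead and tokens & {"SHA256", "SHA384"}):
        return "recommended", []
    return "not recommended", ["not AES-GCM/ChaCha20-Poly1305 with SHA256+"]

# Constructed sample: suites a hypothetical server might offer.
SAMPLE_OFFER = [
    "TLS_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
]

def audit(offer):
    """Map each offered suite to its verdict and reasons."""
    return {s: classify(s) for s in offer}

if __name__ == "__main__":
    for name, (verdict, why) in audit(SAMPLE_OFFER).items():
        print(f"{verdict:16} {name}  {'; '.join(why)}")
```

Note that a suite such as TLS_RSA_WITH_AES_128_GCM_SHA256 is flagged even though its encryption and hash are strong, because the direct RSA key exchange gives no forward secrecy.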
Configuring TLS correctly
For Nginx, Apache and other web servers, Mozilla offers the SSL Configuration Generator, which produces optimal configurations for each compatibility level. The "Modern" configuration supports only TLS 1.3 (maximum security, less compatibility), "Intermediate" adds TLS 1.2 with secure ciphers (good compromise), and "Old" also supports legacy clients (more compatibility, less security). For most sites, "Intermediate" is the optimal choice.
After configuration, verify with the TLS Cipher Test and with SSL Check for the overall grade. If your server also handles email, test the ciphers on the SMTP port with SMTP Diagnostics — the TLS configuration for mail might differ from the web one. A server with Grade A on HTTPS but weak ciphers on SMTP still has a significant vulnerability in email communications.
Forward secrecy deserves particular attention: it ensures that even if the server's private key is compromised in the future, past sessions remain secure. Without forward secrecy (direct RSA key exchange), an attacker who obtains the private key can decrypt all past traffic they recorded. With ECDHE, each session uses ephemeral keys that are destroyed at the end of the connection, making retroactive decryption impossible.