Check if Your Website Supports TLS 1.2 – 1-Minute Tutorial

With the upcoming changes to PCI compliance and the whole credit-card industry, it’s important to ensure that your SSL encryption supports TLS 1.2 and HTTP/1.1. If you’re here, you more than likely received a letter or warning from PayPal or your credit card provider that you failed a test or otherwise need to verify support of these things.

The dubious nature of these “failed” warnings notwithstanding, it’s actually not very hard to check and see if your current server supports these protocols. All we need to do is add a simple test file to our site and check the results.

Here’s what you’ll do!

  1. First, you’ll need access to your site’s files. FTP or sFTP work best, but if you have an online file manager that will work fine as well.
  2. Next, create a file called test.php in your site’s root folder.
  3. In that file, copy the following code in to the content of that page:
  4. Access this file by going to your website and adding /test.php to the web address. So if your site is  example.com , you would go to  example.com/test.php .

Example of a successful test

You should easily get your answer! This page will let you know whether your site supports TLS 1.2 and HTTP/1.1. Follow the descriptions of the results on the page to determine whether you’ve passed, or what the issues are.

If you get a green “PayPal_Connection_OK”, then you’re all set! Your server fully supports these protocols. A red message indicates that there is an issue.

How does this work? Simple! It’s just a basic script that accesses PayPal’s API endpoint which is designed only to determine whether TLS 1.2 and HTTP/1.1 are supported. A simple response is returned which lets you know the result.

Alternatively, there is a website you can use that will check your SSL certificate and tell you which protocols it supports. This will show you which TLS versions are enabled, but not whether HTTP/1.1 is available.

  1. Go to the DigiCert SSLTools website.
  2. Click “Check SSL/TLS.
  3. Enter in your website address and click “Check”. I recommend entering it as *.example.com
  4. Once it’s done checking, click “Details” and then “Server Configuration”. In the top-left corner of the results, it should say “Protocols enabled” and under that, you will hopefully see “TLS1.2”. If so, you’re all set!

These protocols are important because they make sure credit card data is fully secured, according to the PCI-compliant standards. If you fail, please let us know so we can take a look. It may be time to switch to some better website hosting!

About Brian Johnson

Brian Johnson is a website developer and designer living in Minneapolis, Minnesota with a passion for code and WordPress. He spends his days building WordPress websites for small businesses, developing new code with the online community, and living life.

Leave a Reply

Your email address will not be published. Required fields are marked *