In our earlier articles, we have learned about TLS protocols, and how to disable the older versions of TLS protocols in Windows Server and Apache servers.
Also, we learned about browser support for older and newer versions of TLS protocols. There I have mentioned a point that all modern latest version browser by default supports TLS higher version which is TLS 1.2. But some older version browsers are not giving default support TLS 1.1 and TLS 1.2
Here, I will explain the steps to apply the TLS supported version settings in Browser.
To Update the TLS supported protocols versions in Internet Explorer
- Open Internet Explorer -> Menu bar
- Click Tools > Internet Options > Advanced tab
- Scroll down to Security section, there you will find the Browser supported TLS protocol versions. Refer the screenshot.
4. Here, you can check “Use TLS 1.2” and then Apply and OK.
5. Close and Open the Internet Explorer Browser again.
To Update the TLS supported protocols versions in Firefox
- Open Firefox -> New tab
- Type about:config in the address bar of new tab and click enter,
- This will ask to accept the risk of configuration changes.
4. Proceed with “I accept the risk!”. This will show all configurations settings.
5. Search for TLS configuration.
6. You find security.tls.version.max and security.tls.version.min option.
7. Double click on that option to edit the value.
8. Max value set to 4 means this will enforce TLS 1.3
9. Min value set to 1 means, this will support from TLS 1.0
10. Firefox consider the protocol versions and values in the order TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3 as 1, 2, 3, 4 respectively.
11. Example, if you edit security.tls.version.min value to 3, then browser will not support TLS 1.0 and TLS 1.1 protocols. So, any request which used those protocols will be rejected by the browser.
To Update the TLS supported protocols versions in Chrome
You no need to update the TLS protocols in Chrome, because by default chrome will connect all the HTTPS request with higher TLS protocol versions.
To checkout Browsers and the versions which supports TLS higher versions by default from the below article.