TLS Details

Tests TLS 1.0/1.1/1.2/1.3 support in parallel and reports the cipher suite negotiated for each version.

Enter a domain without protocol. Port 443 is always used.

TLS Details — TLS Version & Cipher Suite Check Online

101IP connects to your server in parallel, forcing each TLS version, and reports which protocols are accepted and which cipher suites are negotiated.

What is checked

TLS 1.3 — modern standard: faster handshake, strong ciphers only, forward secrecy by default;
TLS 1.2 — widely supported and secure when configured correctly;
TLS 1.1 — deprecated by RFC 8996, should be disabled;
TLS 1.0 — insecure (POODLE, BEAST), must be disabled.

Forward Secrecy (PFS)

Ciphers marked PFS use ECDHE or DHE key exchange. This means past sessions cannot be decrypted even if the server's private key is later compromised.

Grade scale

A+ / A — modern versions only, no TLS 1.0/1.1;
B / C — TLS 1.2 present, but possibly outdated versions or weak ciphers;
D / F — TLS 1.0 accessible, weak ciphers, or no TLS 1.2+.