How to determine if a browser is using an SSL or TLS connection?

  • I want to know whether my browser is using SSL or TLS connection if I see HTTPS.

    I want to know for IE, Firefox, Chrome and Safari. I want to know the protocol version.

    btw TLS is essentially SSL 3.1, so you want to know the protocol version.

    please, specify what browser you are using

    I want to know on all the famous browsers; IE, Firefox, Chrome, Safari. Yes, I want to know the protocol version.

    Are you concerned with benchmarking browsers or are you concerned with the actual traffic? You can capture traffic with Wireshark and see its encrypted. Otherwise, you need to consult each vendor's website.

    if its google chrome https://support.google.com/chrome/bin/answer.py?hl=en&;answer=95617&p=ui_security_indicator

  • There are several protocol versions : SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2. Internally, TLS 1.0/1.1/1.2 are SSL 3.1/3.2/3.3 respectively (the protocol name was changed when SSL became a standard). I assume that you want to know the exact protocol version that your browser is using.

    According to what is described on this blog post, Internet Explorer can display the protocol version information. Just hit File->Properties or Right-click -> Properties, and a window would open, under Connection, you'd see something like:

    TLS 1.2, RC4 with 128 bit encryption (High); RSA with 2048 bit exchange

    As of today, Firefox supports TLS 1.0, TLS 1.1 and TLS 1.2. You can see the negotiated protocol version if you click the padlock icon (on the left of the URL), then More Information and then under the Technical Details.

    Chrome can display the version. Click on the padlock icon; a popup appears, which contains some details, including the protocol version. example: (verified on version 21.0.1180.82)

    The connection uses TLS 1.0

    Opera shows the protocol version in a way similar to Chrome: click on the padlock icon, then click on the "Details" button. e.g. (verified on version 12.01):

    TLS v1.0 256 bit AES (1024 bit DHE_RSA/SHA)

    For browsers which do not show the information, you can always obtain it running a network analyzer like Wireshark or Network Monitor: they will happily parse the public headers of the SSL/TLS packets, and show you the version (indeed, all of the data transfers in SSL/TLS are done in individual "records" and the 5-byte header of each record begins with the protocol version over two bytes).

    And, of course, the actual protocol version is a choice of the server, based on what the server is configured to accept and the maximum version announced by the client. If the server is configured to do TLS 1.0 only then any connection which actually happens will use TLS 1.0, necessarily.

    (Edit: I have incorporated some information from the comments; done a few tests myself. Feel free to enhance this answer as needed.)

    Interesting that the Firefox extension shows the cipher, but not the SSL version.

    In firefox clicking on the favicon in the address bar and clicking more info shows the same info as the extension. In chrome clicking the icon also shows that info in a popup.

    @ewanm89: for the Firefox I am presently using (14.0.1 on a Linux/Ubuntu system), all the information is _not_ present. I can get the server certificate and the used symmetric cipher, but _not_ the exact protocol version (i.e. I don't know if it is SSL 3.0, TLS 1.0, TLS 1.1 or TLS 1.2).

    @ThomasPornin as Polynomial has already pointed out, neither does the extension. I'd add that current versions of firefox are SSL 3.0/TLS 1.0 only

    In opera you can click on the icon to the left of the address bar

    On Chrome, if you click on the lock icon, you'll get details about the certificate first, followed by SSL/TLS version and cipher suite (AFAIK, it also warns you if the server doesn't support at least TLS 1.0).

    Later versions of Chrome have this information in the security tab of the developer tools.

    How-to use ***Network Monitor*** ?

    @nickd Indeed; Chrome currently no longer shows any encryption information or certificate information by clicking the padlock, only whether the connection is "secure" or not.

    Now we have TLS 1.3 too.

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM