// Tool
TLS Cipher & Protocol Inspector
Deep TLS inspection — supported protocols, cipher suites, key-exchange parameters, and known vulnerabilities (Heartbleed, POODLE, BEAST, FREAK, Logjam, ROBOT, ticketbleed). Powered by the public Qualys SSL Labs API. Pairs with our SSL/TLS Inspector tool, which focuses on certificate details.
Fresh scans take 30–90 seconds. SSL Labs caches results — repeat scans return instantly. The tool will use a cached result if available within the last 24 hours.
Frequently Asked Questions
Which TLS versions should a server support today?
TLS 1.2 and TLS 1.3 only. TLS 1.0 and 1.1 are deprecated and should be disabled, and SSLv2/SSLv3 must be off entirely.
What is forward secrecy?
Forward secrecy, via ephemeral ECDHE key exchange, means each session uses a unique key — so capturing traffic and later stealing the server’s private key still will not decrypt past sessions.
Why does a TLS scan take a while?
It performs a thorough handshake probe against the server for every protocol and cipher combination via SSL Labs, which is far more comprehensive (and slower) than a single connection check.
