Skip to main content
Zondex
login
Browse Stats Pricing Blog Dorks How-To Docs
lock

TLS

Transport Layer Security — a cryptographic protocol that provides secure communication over a computer network.

What is TLS?

TLS (Transport Layer Security) is a cryptographic protocol designed to provide communications security over a computer network. It is the successor to SSL (Secure Sockets Layer) and is widely used to secure web traffic (HTTPS), email, instant messaging, and VoIP.

TLS Versions

Version Year Status Notes
SSL 3.0 1996 Deprecated POODLE vulnerability
TLS 1.0 1999 Deprecated BEAST, known vulnerabilities
TLS 1.1 2006 Deprecated No longer considered secure
TLS 1.2 2008 Active Widely supported, still secure
TLS 1.3 2018 Active Latest, fastest, most secure

How TLS Works

  1. Client Hello — client sends supported TLS versions, cipher suites, and a random number
  2. Server Hello — server selects TLS version and cipher suite, sends certificate
  3. Key Exchange — secure key material is generated (ECDHE, DHE, or RSA)
  4. Encrypted Communication — all data is encrypted using the negotiated symmetric key

TLS 1.3 simplifies this to a 1-RTT handshake (or even 0-RTT for resumption), making it significantly faster than previous versions.

TLS Certificate Fields

Field Description Example
Issuer Certificate Authority (CA) Let's Encrypt, DigiCert
Subject Domain or organization *.example.com
SANs Subject Alternative Names Multiple domains
Validity Not Before / Not After Valid date range
Key Algorithm RSA, ECDSA, Ed25519 RSA 2048, ECDSA P-256

TLS in Zondex

Zondex indexes TLS certificate information including:

  • Certificate issuer and subject — who issued it and for whom
  • Validity dates — expiration tracking
  • Key algorithms and sizes — cryptographic strength
  • JARM fingerprints — TLS server fingerprinting
  • Subject Alternative Names (SANs) — all domains on a certificate

Search on Zondex

Use TLS-related filters to search:

  • tls:true — find all hosts with TLS enabled
  • tls:false port:443 — find HTTPS ports without TLS (misconfiguration)
  • tag:self-signed — find self-signed certificates
  • ssl.issuer:"Let's Encrypt" — find certs from a specific CA
  • tag:expired-cert — find expired certificates
search

Try it on Zondex

See TLS data in action with these search queries:

tls:true tls:false port:443 tag:self-signed
arrow_back
Previous
TCP
Next
TLS Handshake
arrow_forward

At a Glance

Term TLS
Related 2 terms
Updated Mar 13, 2026

Related Terms

fingerprint
JARM

An active TLS server fingerprinting tool that produces a hash representing the TLS configuration of a server.
sensors
Open Port

A network port that is accepting connections, indicating a running service that can be accessed remotely.
menu_book
Browse All Terms
138 terms in the glossary
arrow_forward
support_agent
Zondex Support
Usually replies within minutes
Hi there!
Send us a message and we'll reply as soon as possible.