What is HTTPS / TLSv1.3 Certificate?

Ask A Question

LiteSpeed SSL Features


Start » Knowledgebase » LiteSpeed » HTTPS / TLSv1.3 Certificate
What is HTTPS / TLSv1.3 Certificate? HTTPS/TLS (Transport Layer Security) is a protocol that is used to encrypt data between a client and a server to ensure privacy and data integrity. TLSv1.3 is the latest version of the TLS protocol, released in 2018, and it comes with several improvements over its predecessor TLSv1.2. One of the significant improvements is the ability to perform a faster and more secure handshake process between the client and the server.

An HTTPS/TLSv1.3 certificate is an electronic document that provides information about the identity of a website and is used to establish a secure connection between the client and server. It contains information such as the website's domain name, public key, and the certificate's validity period, among other details. When a user connects to a website over HTTPS/TLSv1.3, the website presents its certificate to the user's browser, which verifies the certificate's authenticity and establishes a secure connection.

LiteSpeed SSL Features

LiteSpeed takes your system's security seriously with important SSL/TLS security measures like these.

Forward Secrecy
Forward Secrecy
Forward Secrecy protects data at the network transport layer by ensuring that past communications cannot be decrypted even if secret keys are compromised. LiteSpeed achieves this by regularly rotating the SSL session ticket automatically.

SSL Renegotiation Protection
SSL Renegotiation Protection
Generating an SSL key incurs significant overhead and can crash a server if run continuously. LiteSpeed's SSL renegotiation protection limits the number of times a client can renegotiate SSL material and fills this gap.

Downgrade Attack Prevention
Downgrade Attack Prevention
LiteSpeed supports TLS_FALLBACK_SCSV, a Signaling Cipher Suite Value (SCSV) that prevents TLS protocol downgrade attacks.

OCSP Stapling
OCSP Stapling
OCSP (Online Certificate Status Protocol) allows the issuer of a certificate to "stitch" a time-stamped, CA-signed OCSP response to the initial TLS handshake. This eliminates the need for clients to contact the CA, potentially improving both security and performance.

Security Against Known Vulnerabilities
Security Against Known Vulnerabilities
When new vulnerabilities in SSL are exploited, LiteSpeed acts quickly (often within hours) to ensure your websites are protected. LiteSpeed currently offers protection against these known vulnerabilities and remains vigilant for future potential threats:


More LiteSpeed related Topics