Detect browser TLS compatibility
We have a SSL website where the host has recently disabled older SSL protocols like TLS 1.0 and below. Depending on the browser, the site visitor gets a blank page or a cryptic error message when they visit the site if the browser they are using does not support at least TLS 1.1.
I was hoping to create a landing page that is not on the SSL port and where I can detect the browser capability if it supports TLS 1.1 and above. If it doesn't then I want to show them a friendly message to upgrade their browser or use a different browser.
Is this something that can be accomplished using client side javascript library? If so, then what should I be using?
Thanks.
Answer
You can use the API provided by How's my SSL?.
In the following example, I check the tls_version. Checking given_cipher_suites may also be a good idea.
<script>
window.parseTLSinfo = function(data) {
var version = data.tls_version.split(' ');
console.log(
version[0] != 'TLS' || version[1] < 1.2
? 'So bad! Your browser only supports ' + data.tls_version + '. Please upgrade to a browser with TLS 1.2 support.'
: 'All OK. Your browser supports ' + data.tls_version + '.'
);
console.log(data);
};
</script>
<script src="https://www.howsmyssl.com/a/check?callback=parseTLSinfo"></script>