SSL vs TLS: What's the Difference?
You'll see "SSL" everywhere — "SSL certificate", "SSL encryption" — but on the CompTIA Security+ exam (and in reality) the protocol doing the work is TLS. Here's the difference and why it matters.
The short answer
SSL (Secure Sockets Layer) is the original protocol for encrypting traffic. It's obsolete and insecure — every version has been broken. TLS (Transport Layer Security) is its modern replacement and what actually secures your connections today. The word "SSL" just stuck around as a habit.
A quick history
SSL was created by Netscape in the 1990s. SSL 2.0 and SSL 3.0 both fell to serious vulnerabilities (SSL 3.0 famously to POODLE). The protocol was handed to the IETF, renamed TLS, and evolved:
- TLS 1.0 (1999) and TLS 1.1 — now deprecated (officially retired in 2021).
- TLS 1.2 (2008) — still widely used and secure when configured well.
- TLS 1.3 (2018) — the current standard: a faster handshake and all the weak, legacy crypto options removed.
So the real-world progression students mix up is: SSL 2.0 → SSL 3.0 → TLS 1.0 → 1.1 → 1.2 → 1.3, where only the last two are safe.
SSL vs TLS, side by side
| SSL | TLS | |
|---|---|---|
| Status | Deprecated, insecure | Current standard |
| Versions | 2.0, 3.0 (both broken) | 1.0/1.1 (deprecated), 1.2/1.3 (secure) |
| Created by | Netscape | IETF (standardized) |
| Handshake | Slower, legacy crypto | Streamlined (especially TLS 1.3) |
| Known attacks | POODLE, DROWN | Far fewer; weak options removed in 1.3 |
| Use it today? | No — disable it | Yes — TLS 1.2 / 1.3 |
Why the name confusion matters
Saying "SSL" when you mean "TLS" is usually harmless slang — but on the exam, precision matters:
- An "SSL certificate" is really a TLS certificate (an X.509 certificate). The cert isn't tied to SSL specifically.
- HTTPS is HTTP running over TLS, not SSL.
- A server that still allows SSL 3.0 / TLS 1.0 is a finding — it enables downgrade attacks, where an attacker forces both sides onto a weak version.
How a TLS handshake works (in brief)
You don't need every byte, but the exam expects the gist:
- Client Hello — the browser offers the TLS versions and cipher suites it supports.
- Server Hello + certificate — the server picks the strongest shared options and sends its X.509 certificate (its public key, signed by a trusted CA).
- Key exchange — both sides derive a shared session key; modern setups use ephemeral Diffie-Hellman for forward secrecy (past traffic stays safe even if the key later leaks).
- Finished — the session switches to fast symmetric encryption for the actual data.
This is why TLS depends on PKI: the certificate is what lets you trust the server's public key. TLS 1.3 collapses this into a single round-trip, part of why it's faster than 1.2.
Which one shows up on the exam?
Security+ expects you to know that SSL is deprecated, that TLS 1.2/1.3 are the secure choices, and to recognise downgrade attacks and named exploits like POODLE and DROWN. If a question asks what to disable on a hardened web server, the answer includes SSL 2.0/3.0 and TLS 1.0/1.1.
Lock it in
SSL vs TLS is mostly about remembering the version timeline and the acronyms (TLS, PKI, CBC, POODLE, DROWN) hanging off it. Quiz yourself on which versions are safe until you can answer without hesitating — that's how it sticks for exam day.