You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Does Safari support TLS 1.2

Wikipedia indicates that Safari 5 and beyond supports TLS 1.2. I haven't been able to get Safari 5 or 6 to work with a tomcat server configured to accept only TLS 1.2 SSL encryption. A few questions:


1. Is TLS 1.2 supported in Safari?

2. Which versions if any?

3. Is there some OS or Safari configuration required?


Thanks

MacBook Pro with Retina display, Mac OS X (10.7.4)

Posted on Jun 25, 2013 5:55 AM

Reply
3 replies

Sep 23, 2013 6:21 PM in response to groktheworld

I went through the process of changing this on Wikipedia recently after seeing the same thing as you, and after doing a lot of research and testing figuring out the same as what you uncovered.


1. Neither TLS 1.1 or 1.2 are supported in Safari on OS X, even on the most up-to-date version of OS X (10.8.5) and Safari (6.0.5) only TLS 1.0 is supported. It's really just another example of Safari on OS X being in severe need of some love and attention (the longstanding major graphics glitches were bad enough, and it's been barely updated in a year). I'd definitely just check out Chrome if I were you, I pushed forward trying to use Safari for a very long time but ultimately it's not a patch on Chrome. Safari on OS X is pretty much a footnote, whereas Chrome is the polar opposite.


Chrome has supported TLS 1.1 for almost the past year and the current stable released five weeks ago has full support for TLS 1.2. If you want to be very diligently looked after and safe (not just in regards to TLS), as well as generally being on the bleeding edge of the web you should definitely check out Chrome on OS X.


2. Although no version of Safari on OS X supports 1.1 or 1.2, Safari on iOS is a complete different story. Safari on iOS supports TLS 1.2.


3. No.

Mar 2, 2014 3:07 PM in response to groktheworld

After testing, I can verify that the latest version of Safari, v7.0.2 (OS X Mavericks ONLY), does use TLS 1.2.


No version of Safari 6.x goes above TLS 1.0, which of course is a travesty and [insert expletive here] of Apple. Obviously, this should have been addressed.


Here is a site where you can test web clients (browsers) for TLS:


http://HowsMySSL.com


The 'Beast Attack' was addressed by Apple about a year and a half ago, whereby lousy old TLS 1.0 is retained, but workarounds are used to prevent this specific attack. I don't know more about the situation than that. As you'll see at the above website, all versions of Safari previous to v7.x will FAIL the test as 'bad' specifically because they're using TLS 1.0.

Does Safari support TLS 1.2

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.