TLS Versions

You can configure TLS versions as required.

Background

Transport Layer Security (TLS) is a security protocol used to ensure security and data integrity for Internet communication. The most typical application is HTTPS. TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 are available. A later version is more secure, but is less compatible with browsers of earlier versions.

**Table 1** TLS versions supported by mainstream browsers
TLS Version	Mainstream Browser
TLS 1.0	Chrome 1 Firefox 2+
TLS 1.1	Chrome 22+ Firefox 24+ Safari 7+
TLS 1.2	Chrome 30+ Firefox 27+ Safari 7+
TLS 1.3	Chrome 70+ Firefox 63+ Safari 14+

Constraints

An international HTTPS certificate has been configured. For details, see HTTPS Certificates.
If the domain name is bound to a certificate with Chinese cryptographic algorithm, TLS versions cannot be configured.
If you change the certificate type from International to Chinese (SM2), TLS version settings will become invalid.
If you configure two certificates for a domain name, TLS version settings take effect only for the international certificate.
You can enable a single version or consecutive versions. For example, you cannot enable TLS 1.0 and TLS 1.2 but disable TLS 1.1.
You need to enable at least one version.
By default, TLS 1.1, TLS 1.2, and TLS 1.3 are enabled.
TLS versions cannot be configured for domain names with special configurations.

Procedure

Log in to Huawei Cloud console. Choose Service List > Content Delivery & Edge Computing > Content Delivery Network.
The CDN console is displayed.
In the navigation pane, choose Domains.
In the domain list, click the target domain name or click Configure in the Operation column.
Click the HTTPS Settings tab.
In the TLS Version area, click Edit.
Figure 1 Configuring the TLS versions
Select one or more TLS versions and click OK.