All Products
Search

This Product

    ApsaraVideo Live:Configure TLS version control

    Document Center

    ApsaraVideo Live:Configure TLS version control

    Last Updated:Apr 10, 2024

    ApsaraVideo Live provides the Transport Layer Security (TLS) version control feature to ensure data security and integrity for Internet services and communications. You can configure different TLS versions for different domain names based on your business requirements. This topic describes how to configure TLS versions.

    Prerequisites

    An SSL certificate is configured. For more information, see Configure HTTPS secure acceleration.

    Background information

    TLS is used to ensure the security and integrity of data transmitted between two applications. HTTPS is a typical application of TLS. HTTP over TLS (HTTPS) is a secure version of HTTP. HTTPS runs below the top application layer (HTTP) and above the transport layer (TCP), and provides data encryption and decryption services.

    Procedure

    1. Log on to the ApsaraVideo Live console.
    2. In the left-side navigation pane, click Domains to go to the Domain Management page.

    3. Find the ingest domain that you want to configure and click Domain Settings in the Actions column.

      域名配置

    4. Choose Stream Management > HTTPS Settings.

    5. In the TLS Version Control section, enable or disable a TLS version based on your business requirements.

      Note

      If the SSL certificate is not configured, the TLS Version Control section is not displayed.

      The following table describes TLS versions.

      Version

      Description

      Mainstream browser

      TLSV1.0

      TLS 1.0 was defined in RFC 2246 in 1999 as an update to SSL 3.0. TLS 1.0 is vulnerable to various attacks, such as BEAST and POODLE attacks. TLS 1.0 can no longer protect network connections due to the low encryption performance. TLS 1.0 does not comply with Payment Card Industry Data Security Standard (PCI DSS).

      • IE6+

      • Chrome 1+

      • Firefox 2+

      TLSV1.1

      TLS 1.1 was defined in RFC 4346 in 2006 as an update to TLS 1.0. TLS 1.1 fixed some vulnerabilities in TLS 1.0.

      • IE 11+

      • Chrome 22+

      • Firefox 24+

      • Safari 7+

      TLSV1.2

      In 2008, RFC 5246 introduced TLS 1.2, which is a widely used TLS version.

      • IE 11+

      • Chrome 30+

      • Firefox 27+

      • Safari 7+

      TLSV1.3

      In 2018, RFC 8446 introduced TLS 1.3 as the latest TLS version. TLS 1.3 supports the zero round trip time (0-RTT) mode and allows you to establish faster connections. TLS 1.3 supports only key exchange algorithms of perfect forward secrecy to enhance security.

      • Chrome 70+

      • Firefox 63+

      Note

      TLS 1.0, TLS 1.1, and TLS 1.2 are enabled by default.