TLS 1.3: Browser Support, Features, vs TLS 1.2

TLS 1.3 works in Chrome 70+, Edge 79+, Firefox 63+, Safari 12.1+, Opera 57+, and Samsung Internet 10.1+. IE 11 has no support. See features and known issues.

Author

Prince Dewani

May 1, 2026

TLS 1.3 is the latest Transport Layer Security protocol that the IETF published as RFC 8446 to encrypt web traffic. It works in Chrome 70+, Edge 79+, Firefox 63+, Safari 12.1+ on macOS, Safari 12.2+ on iOS, Opera 57+, and Samsung Internet 10.1+, while Internet Explorer 11 has no support.

This guide covers what TLS 1.3 is, the browsers that support it, the key features, how it differs from TLS 1.2, how to enable it, and the known issues.

What is TLS 1.3?

TLS 1.3 is the Transport Layer Security protocol version that the IETF standardized as RFC 8446. It encrypts data between a browser and a server using a faster handshake and a smaller cipher suite list than TLS 1.2. Web browsers, web servers, load balancers, and CDNs use it to secure HTTPS traffic.

Which browsers support TLS 1.3?

TLS 1.3 works in every major modern browser, including Chrome, Edge, Firefox, Safari, Opera, and Samsung Internet, on desktop and mobile. Internet Explorer 11 is the only mainstream browser that never added support.

TLS 1.3 compatibility in Chrome

Chrome supports TLS 1.3 from Chrome 70 on Windows, macOS, Linux, ChromeOS, and Android, with the protocol on by default. Chrome 54 to 69 carried draft revisions of TLS 1.3 disabled by default behind chrome://flags. Chrome 4 to 53 did not support TLS 1.3 at all.

TLS 1.3 compatibility in Edge

Microsoft Edge supports TLS 1.3 from Edge 79 on Windows, macOS, Linux, and Android, the build that switched to the Chromium engine. The pre-Chromium EdgeHTML versions 12 to 18 did not enable TLS 1.3 by default. Edge for Android tracks Chromium for Android, so it gets TLS 1.3 on every recent Android phone and tablet.

TLS 1.3 compatibility in Firefox

Firefox supports TLS 1.3 from Firefox 63 on Windows, macOS, Linux, and Android, where Mozilla shipped the final RFC 8446 version enabled by default. Firefox 49 to 62 had earlier TLS 1.3 drafts behind the security.tls.version.max preference in about:config. Firefox for Android picks up TLS 1.3 from the same release line.

TLS 1.3 compatibility in Safari

Safari supports TLS 1.3 from Safari 12.1 on macOS 10.14.4 and from Safari 12.2 on iOS and iPadOS. Earlier Safari builds on macOS 10.14.3, iOS 12.1, and below negotiated TLS 1.2 as the highest protocol version. Every modern iPhone, iPad, and Mac running a current Safari uses TLS 1.3 when the server allows it.

TLS 1.3 compatibility in Opera

Opera supports TLS 1.3 from Opera 57 on Windows, macOS, Linux, and Android, since Opera tracks the Chromium engine. Opera 54 to 56 had TLS 1.3 disabled by default behind a flag. Opera Mobile supports TLS 1.3 from Opera Mobile 80 on Android.

TLS 1.3 compatibility in Samsung Internet

Samsung Internet supports TLS 1.3 from Samsung Internet 10.1 on Galaxy phones and tablets, since the browser tracks Chromium. Samsung Internet 4.0 to 10.0 negotiated TLS 1.2 as the highest protocol version. The protocol is on by default, so users do not need to flip a setting in the Samsung Internet app.

TLS 1.3 compatibility in Android Browser

Chrome for Android supports TLS 1.3 from Chrome 70, so any current Android device using the modern Chrome WebView negotiates TLS 1.3 automatically. The legacy stock Android Browser based on the older WebView 2 to 4 codebase never added TLS 1.3. Move WebView-based apps to a current Android System WebView to get TLS 1.3.

TLS 1.3 compatibility in Internet Explorer

Internet Explorer never added TLS 1.3 in any version. IE 11 negotiates TLS 1.2 as its highest protocol version, and Microsoft has retired the browser. Move workflows that require TLS 1.3 to Chromium-based Edge or Chrome.

Note: TLS 1.3 negotiation breaks behind corporate proxies, on legacy IE 11, and through some captive portals. Test it on real browsers and OS with TestMu AI.

What are the key features of TLS 1.3?

TLS 1.3 cuts the handshake to one round trip, drops insecure ciphers, encrypts most handshake messages, and makes forward secrecy mandatory.

  • One-round-trip handshake: TLS 1.3 sets up a secure connection in a single round trip. The client sends its key share in the first flight, so the new-connection handshake finishes one round trip faster than TLS 1.2.
  • 0-RTT session resumption: When the client has connected to the server before, TLS 1.3 can resume the session in zero round trips. The client sends application data in the first packet, the server replies, and the connection is live.
  • Mandatory forward secrecy: Every TLS 1.3 session uses an ephemeral Diffie-Hellman key, so a stolen private key cannot decrypt past traffic. The TLS 1.2 RSA key transport mode that broke this guarantee is removed.
  • Five AEAD cipher suites only: TLS 1.3 keeps TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, and TLS_AES_128_CCM_8_SHA256. RC4, MD5, SHA-1, CBC-mode ciphers, RSA key transport, and static Diffie-Hellman are gone.
  • Encrypted handshake messages: Every handshake message after the ServerHello is encrypted, including the server certificate. Passive observers see the ClientHello, the ServerHello, and almost nothing else.
  • Signature scheme upgrade: TLS 1.3 servers must sign with RSA-PSS or ECDSA. Old RSA-PKCS1-v1_5 signatures are out, which lifts the signing security floor across the web.

How is TLS 1.3 different from TLS 1.2?

TLS 1.3 differs from TLS 1.2 on the handshake, the cipher suite list, the forward secrecy guarantee, and the encryption of handshake messages. The table below shows where the two versions diverge.

| Dimension | TLS 1.2 | TLS 1.3 |
| --- | --- | --- |
| RFC | RFC 5246 | RFC 8446 |
| Handshake round trips | 2 round trips | 1 round trip, or 0 with resumption |
| Cipher suites | 37+ negotiable, including legacy ciphers | 5 AEAD-only suites |
| Forward secrecy | Optional, RSA key exchange permitted | Mandatory, ephemeral Diffie-Hellman only |
| Insecure algorithms | RC4, MD5, SHA-1, CBC-mode permitted | All removed |
| Encrypted handshake | Plaintext after ServerHello | Encrypted after ServerHello |
| 0-RTT resumption | Not supported | Supported, with replay caveat |
| Browser support | Universal across all modern browsers | All modern browsers, no IE 11 |

How do you enable TLS 1.3 in your browser?

TLS 1.3 is on by default in every modern browser. You only flip a flag if your IT team disabled the protocol, or you are running an old Firefox or Chrome build that shipped a draft version.

  • Open the browser flags page: Type chrome://flags in Chrome or edge://flags in Edge and press Enter. Firefox users open about:config and accept the warning.
  • Search for the TLS 1.3 entry: In the search box, type tls and look for the TLS 1.3 entry. On Firefox, search for security.tls.version.max.
  • Set the value to Enabled: Choose Enabled in the dropdown on Chrome or Edge. On Firefox, set security.tls.version.max to 4, the value that maps to TLS 1.3.
  • Relaunch the browser: Click Relaunch at the bottom of the flags page so the change takes effect on every tab.
  • Confirm the negotiation: Open any HTTPS page, click the padlock icon in the address bar, and read the connection details. The line should list TLS 1.3.

If the connection still uses TLS 1.2 after the relaunch, a corporate proxy, firewall, or antivirus product is forcing the downgrade. Whitelist the site or disable TLS interception on the test machine.

```javascript
// Paste this snippet into the DevTools console of any modern browser.
// Browser JavaScript has no API that exposes the negotiated TLS version,
// so the authoritative check is manual: open the DevTools Security tab,
// reload the page, and read the connection details.
console.log("Open the DevTools Security tab and reload the page.");
console.log("Look for: 'Connection - secure connection settings: TLS 1.3'.");

// Partial programmatic hint: Navigation Timing reports the negotiated
// application protocol (for example "http/1.1", "h2" or "h3"), not the TLS version.
// "h3" runs over QUIC, which always uses TLS 1.3; "h2" and "http/1.1" can run
// over TLS 1.2 or TLS 1.3, so they do not settle the question on their own.
const nav = performance.getEntriesByType("navigation")[0];
if (nav && nav.nextHopProtocol) {
  console.log("Next-hop protocol:", nav.nextHopProtocol);
} else {
  console.log("Performance Navigation Timing is unavailable in this context.");
}
```
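The forced downgrade described above can also be spotted from the server side. The following is an added example, not code from the original page: it flags requests where a browser that meets the version floors listed in this guide still negotiated TLS 1.2. It assumes the server itself offers TLS 1.3 and logs the negotiated protocol next to the User-Agent; the log format, sample lines and function names are constructed for illustration.

```javascript
// Floors [major, minor] for TLS 1.3 on by default, taken from this page.
// Order matters: Chromium derivatives and EdgeHTML also carry a "Chrome/" token.
const FLOORS = [
  ["edgehtml", "Edge", [Infinity, 0]], ["edge", "Edg", [79, 0]],
  ["opera", "OPR", [57, 0]], ["samsung", "SamsungBrowser", [10, 1]],
  ["firefox", "Firefox", [63, 0]], ["chrome", "Chrome", [70, 0]],
  ["safari", "Version", [12, 1]],
];

function browserOf(ua) {
  for (const [name, token, floor] of FLOORS) {
    const m = new RegExp(token + "/(\\d+)(?:\\.(\\d+))?").exec(ua);
    if (!m) continue;
    // The page lists Safari 12.2 as the floor on iOS and iPadOS.
    const ios = name === "safari" && /iPhone|iPad/.test(ua);
    return { name, version: [Number(m[1]), Number(m[2] || 0)], floor: ios ? [12, 2] : floor };
  }
  return null; // IE 11, bots, in-app browsers: not classified here
}

function supportsTls13({ version: [major, minor], floor: [fMajor, fMinor] }) {
  return major > fMajor || (major === fMajor && minor >= fMinor);
}

// Assumed log format (constructed): <client-ip> <negotiated-protocol> "<user-agent>"
function classify(line) {
  const m = /^(\S+) (TLSv[\d.]+) "([^"]*)"$/.exec(line);
  if (!m) return { verdict: "unparsed" };
  const [, ip, protocol, ua] = m;
  const browser = browserOf(ua);
  let verdict = "tls13";
  if (protocol !== "TLSv1.3") {
    verdict = !browser ? "unknown-client"
      : supportsTls13(browser) ? "suspect-downgrade" : "legacy-client";
  }
  return { ip, protocol, browser: browser ? browser.name : null, verdict };
}

// Constructed sample lines (documentation IP ranges, not real traffic).
const SAMPLE_LOG = [
  '198.51.100.4 TLSv1.3 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"',
  '203.0.113.9 TLSv1.2 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0"',
  '203.0.113.20 TLSv1.2 "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"',
  '192.0.2.15 TLSv1.2 "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0"',
];

function suspectedDowngrades(lines) {
  return lines.map(classify).filter((r) => r.verdict === "suspect-downgrade");
}
```

A "suspect-downgrade" verdict is a lead, not proof: the User-Agent is client-controlled, and an intercepting proxy forwards the browser's User-Agent while terminating TLS itself, which is exactly why the mismatch shows up.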

What are the known issues with TLS 1.3?

TLS 1.3 ships in every modern browser, but middleboxes, legacy IE 11 traffic, and 0-RTT replays still cause real-world friction.

  • Middlebox interference: Some corporate firewalls, intrusion-detection systems, and antivirus proxies block or downgrade TLS 1.3 because the encrypted handshake breaks deep packet inspection. Browsers fall back to TLS 1.2 or fail the connection outright.
  • Internet Explorer 11 traffic: Sites that still serve IE 11 visitors must keep TLS 1.2 enabled at the load balancer or origin. Disabling TLS 1.2 to enforce TLS 1.3 will drop those connections.
  • 0-RTT replay risk: 0-RTT early data can be replayed by an active attacker. Servers must mark only idempotent endpoints as 0-RTT safe and refuse early data on writes, payments, and login.
  • Server certificate signature mismatch: Old TLS 1.3 draft clients reject certificates signed with RSA-PKCS1-v1_5. TLS 1.3 servers must sign with RSA-PSS or ECDSA to interoperate with every client in the wild.
  • Captive portal downgrades: Some hotel and airport Wi-Fi gateways man-in-the-middle TLS to redirect users to a portal. The browser logs a TLS error until the user completes the portal flow, after which TLS 1.3 negotiates cleanly.
  • Old Android WebView builds: Apps embedding the legacy Android System WebView below WebView 70 negotiate TLS 1.2 only. Update the WebView component or move the app to a modern WebView build.
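The 0-RTT rule in the list above, as an added example that is not part of the original page: an application-layer gate that lets early data through only for safe methods on replay-tolerant paths and answers everything else with 425 Too Early. It assumes a TLS terminator in front of the application that sets the `Early-Data: 1` header defined in RFC 8470; the path prefixes and function names are hypothetical.

```javascript
// Methods that change no server state (RFC 9110 "safe" methods): a replayed copy is harmless.
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);
// Hypothetical path prefixes that must never be served from early data, even on GET.
const SENSITIVE_PREFIXES = ["/login", "/payments", "/account"];

// RFC 8470: the TLS terminator adds "Early-Data: 1" when it forwards a request
// that arrived in 0-RTT early data. Node lower-cases incoming header names.
function isEarlyData(headers) {
  return String(headers["early-data"] || "").trim() === "1";
}

// Returns { allow, reason }. Requests sent after the handshake are never restricted.
function earlyDataDecision(method, url, headers) {
  if (!isEarlyData(headers)) return { allow: true, reason: "handshake complete" };
  const verb = String(method).toUpperCase();
  if (!SAFE_METHODS.has(verb)) return { allow: false, reason: verb + " is not replay-safe" };
  const path = String(url).split("?")[0];
  const sensitive = SENSITIVE_PREFIXES.some((p) => path === p || path.startsWith(p + "/"));
  if (sensitive) return { allow: false, reason: "sensitive endpoint" };
  return { allow: true, reason: "safe method on replay-tolerant path" };
}

// Handler compatible with Node's http.createServer(handler).
function handler(req, res) {
  const decision = earlyDataDecision(req.method, req.url, req.headers);
  if (!decision.allow) {
    // 425 Too Early tells the client to retry once the full handshake is done.
    res.writeHead(425, { "Content-Type": "text/plain" });
    res.end("Too Early: " + decision.reason + "\n");
    return;
  }
  res.writeHead(200, { "Content-Type": "text/plain" });
  res.end("ok\n");
}
```

The gate is only as reliable as the terminator: if the proxy accepts early data but does not add the header, the application cannot tell replayable requests apart.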

In my experience, the middlebox issue is the most common reason a TLS 1.3-capable browser still negotiates TLS 1.2 on a corporate network. The fix is rarely on the browser side: ask your IT team to whitelist the destination or disable TLS interception for development domains.

Citations

All TLS 1.3 version numbers and platform notes in this guide come from these primary sources:

Author

Prince Dewani is a Community Contributor at TestMu AI, where he manages content strategies around software testing, QA, and test automation. He is certified in Selenium, Cypress, Playwright, Appium, Automation Testing, and KaneAI. Prince has also presented academic research at the international conference PBCON-01. He further specializes in on-page SEO, bridging marketing with core testing technologies. On LinkedIn, he is followed by 4,300+ QA engineers, developers, DevOps experts, tech leaders, and AI-focused practitioners in the global testing community.
