How to test zero-rtt for TLS 1.3 enabled site

Tech | Insights | Inspiration

How to test zero-rtt for TLS 1.3 enabled site

0-RTT (zero round trip time) is a new feature in TLS 1.3 that enhances performance

July 12, 2020

Ahmed Jama

1-Minute Read

To test whether your site supports 0-RTT you can use SSLyze. This is a fast and powerful Python SSL/TLS scanning library. SSLyze can be used as command line and or as a Python library.

Python version

I am using Python 3.8 in a virtual environment.

Testing Zero RTT using SSLyze

First pip install SSLyze.

pip install sslyze

Then from the CLI, test 0-RTT for a site that TLS 1.3 enabled. The switch needed to be passed to SSLyze is --early_data.

(venv) ➜  ~ python -m sslyze --early_data cloudflare.com

 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   cloudflare.com:443                       => 104.17.175.85




 SCAN RESULTS FOR CLOUDFLARE.COM:443 - 104.17.175.85
 ---------------------------------------------------

 * TLS 1.3 Early Data:
                                          Suppported - Server accepted early data


 SCAN COMPLETED IN 0.08 S
 ------------------------

Say Something

Comments

Nothing yet.

How to duplicate a Git repo Getting started with ElastiFlow