What is an A+ SSL Rating?
by Iwan Price-Evans on Security • March 1, 2022
SSL Labs created an alphabetical grading system for SSL / TLS certificates. An A+ SSL grade is given when the server configuration is determined to be exceptional.
How Does SSL/TLS Encryption Work?
For a website to apply SSL/TLS encryption, it must have an SSL certificate. The certificate, which is stored on the webserver, acts as an ID card to prove that the website is genuine and not fake.
SSL/TLS certificates store the website’s unique ID, referred to as a public key. The public key is used by a website visitor’s device to establish a secure connection with the webserver.
How Are SSL Grades Calculated?
The SSL Labs project was created in 2009 with the goal of providing diagnostics for identifying security concerns in computer configurations. SSL Labs created an alphabetical grading system for SSL / TLS certificates. The grades, which range from F to A+, rate secure configuration out of 100 and are a way of measuring security configuration quality.
An A+ SSL grade is given when the server configuration is determined to be exceptional.
What Are The SSL Grades?
The SSL grades are:
- A+ - Exceptionally high-quality configuration.
- A - Providing strong commercial security. Scoring 80 or above.
- B - Equates to having sufficient security with modern clients, potentially obsolete security used with older clients, plus the potential for smaller configuration problems occurring. Scoring 65 or above.
- C - This means the configuration is outdated and uses obsolete security methods with modern clients, with the potential for bigger configuration problems occurring. Scoring 50 or above.
- D - Security issues that are unlikely to be exploited or are difficult to exploit exist in the configuration. It's possible to resolve these issues and they should be corrected. Scoring 35 or above.
- E - This rating is unused. Scoring 20 or above.
- F - This means that the configuration is vulnerable, and/or it has correctible problems such as misconfigurations. Scoring less than 20.
- T (trust) – T is used when the certificate cannot be trusted but no other trust issues have been identified. It's also used when the server is well configured.
- M (mismatch) – M grade means that the server isn't using encryption and trust cannot be established. A name mismatch will generate this kind of trust issue.
- N/A – no rating applies.
What Is The Significance Of SSL Grades?
A+ is a desirable grade but A and B grades are considered acceptable. C, D, and F are given when the server is determined to be critically vulnerable. Grade E is unused. Certificates that fall below F can be graded with N/A (no rating at all), M (the server doesn’t use encryption), or T (the certificate can’t be trusted).
How Do I Increase My SSL Grade?
You can get an A+ SSL rating by using a load balancer or web application firewall (WAF) that is capable of SSL/TLS termination and provides a high degree of security optimization.
Does Snapt Help Improve SSL?
Yes. Snapt Nova can provide an automatic A+ SSL grade through SSL/TLS offloading. Snapt Nova provides load balancing and WAF security on-demand to every node in your network. Nova's SSL offloading reduces the load on your web server and improves performance and security. Centralized control enables Nova to manage SSL certificates for thousands or millions of nodes from one central UI or API, reducing the time required to maintain SSL certificates in large distributed deployments.