What is SSL Labs grading?

SSL Labs (ssllabs.com/ssltest/) is a free online service by Qualys that analyses a server's TLS/SSL configuration and assigns a grade from A+ to F based on protocol support, cipher strength, certificate validity, and vulnerability exposure.

Is this grade explainer free?

Yes, completely free with no signup and no usage limits.

Does my data leave my device?

No. This is a reference page — no data is sent anywhere.

SSL/TLS Grade Info

SSL Labs assigns grades from A+ to F based on your server's TLS configuration. Select a grade below to see exactly what earns or loses that rating.

Reference page · no data sent

A+ Exceptional configuration

TLS 1.2 and 1.3 only — TLS 1.0 and 1.1 disabled.
HSTS enabled with max-age ≥ 180 days and includeSubDomains.
No weak cipher suites; forward secrecy (ECDHE/DHE) on all connections.
Valid certificate chain with SHA-256+ signature.
No known vulnerabilities (BEAST, POODLE, Heartbleed, CRIME, ROBOT).

A Strong configuration

TLS 1.2 minimum; TLS 1.3 supported.
No critical vulnerabilities.
Forward secrecy supported on most connections.
Valid certificate; no SHA-1 or MD5 signatures.

B Good but improvable

TLS 1.0 or 1.1 still enabled (deprecated protocols).
Some cipher suites without forward secrecy still offered.
Certificate uses SHA-1 (deprecated).
Missing HSTS header.

C Below modern standards

RC4 or other broken cipher suites still supported.
Insecure renegotiation allowed.
Very short certificate key (RSA < 2048-bit).
TLS 1.0 still the minimum supported version.

D Serious weaknesses

SSL 3.0 still supported (POODLE vulnerability).
Null or anonymous cipher suites offered.
DH parameters < 1024-bit.

F Critical failures

Expired or untrusted certificate.
SSL 2.0 supported.
Known critical vulnerability exploitable remotely (e.g. Heartbleed).
Certificate hostname mismatch.

How to use

Run the free SSL Labs test at ssllabs.com/ssltest/ for your domain.
Note the grade returned.
Click that grade above to see what specifically is causing the rating and what you need to fix.

Related network tools

HTTP Headers Decoder — inspect HSTS, CSP, and other security headers
DNS Record Explainer — understand CAA records used to restrict certificate issuers
Port Number Lookup — identify services running on ports 443, 8443, etc.

Frequently Asked Questions

What is SSL Labs grading?: SSL Labs (ssllabs.com/ssltest/) is a free online service by Qualys that analyses a server's TLS/SSL configuration and assigns a grade from A+ to F based on protocol support, cipher strength, certificate validity, and vulnerability exposure.
Is this grade explainer free?: Yes, completely free with no signup and no usage limits.
Does my data leave my device?: No. This is a reference page — no data is sent anywhere.

Report a problem with this tool