TLS/SSL Versions Wasabi Supports

  • Updated on Nov 3, 2025
  • Published on Nov 12, 2022
  • 2 minute(s) read
Prev Next

To ensure maximum compatibility with modern S3-compatible tools and applications, Wasabi supports the same Transport Layer Security (TLS) / Secure Sockets Layer (SSL) versions on its S3 interface as AWS S3.

Wasabi has fully transitioned to TLS 1.2 and TLS 1.3 for all connections. Older protocols (TLS 1.0 and TLS 1.1) are no longer supported.

TLS / SSL Overview

TLS and its predecessor, SSL, are cryptographic protocols that secure data in transit between clients and Wasabi endpoints.

TLS 1.2 and 1.3 are the current industry standards for encryption and are required for all Wasabi interfaces. These versions provide stronger authentication, integrity, and confidentiality protections than previous protocol versions.

Wasabi S3 Interface (Storage API)

Wasabi’s S3-compatible storage API supports secure connections using the following protocols:

Supported TLS/SSL VersionsUnsupported / Deprecated
TLS 1.2, TLS 1.3                TLS 1.0, TLS 1.1, SSL (all versions)

Connections attempted with TLS 1.0 or 1.1 are now rejected. This change enforces stronger encryption and eliminates the use of outdated ciphers.

Key Points

  • TLS 1.2 remains the minimum required version for all S3 endpoints.
  • TLS 1.3 is fully supported where client libraries and operating systems allow.
  • All SSL versions (SSL 2.0, 3.0) are permanently disabled.

Wasabi Management Console

The Wasabi Management Console (web interface) has long required TLS 1.2 or higher and no longer accepts any TLS 1.0 or 1.1 connections.

All major browsers and modern operating systems already enforce TLS 1.2+. This transition has not affected browser-based access to the Wasabi Console.

Why Older Versions Were Removed

TLS 1.0 and 1.1 were officially deprecated by the Internet Engineering Task Force (IETF) and major browser vendors due to security vulnerabilities and protocol weaknesses, including:

  • Lack of support for modern cipher suites
  • Weak integrity mechanisms
  • Susceptibility to downgrade and man-in-the-middle attacks

By removing these protocols, Wasabi ensures:

  • Compliance with modern security standards (PCI DSS, NIST, etc.)
  • Improved protection of customer data in transit
  • Simplified, more reliable TLS negotiation for all clients

What This Means for You

  • All connections to Wasabi services now require TLS 1.2 or TLS 1.3.
  • Applications or SDKs using older TLS protocols will fail to connect.
  • Most modern tools and libraries (such as AWS CLI, Cyberduck, rclone, and SDKs) already default to TLS 1.2+ and should continue working without change.

If you experience TLS-related errors such as “unsupported protocol” or “handshake failure,” update your client libraries or operating system to enable TLS 1.2 or 1.3.

For detailed guidance, see TLS 1.0 and TLS 1.1 Deprecation Frequently Asked Questions (FAQ).

Additional Resources

Enhancing Your Security: An Important Update on TLS 1.0 and TLS 1.1  

For additional technical support, use this email address to contact a Wasabi Customer Support representative: support@wasabi.com