Feature Request - Minimum TLS version check (e.g. enforce a minimum of TLS 1.2) #4013

New issue

Open

opened 2026-02-28 03:48:12 -05:00 by deekerman · 5 comments

deekerman commented 2026-02-28 03:48:12 -05:00

Owner

Copy link

Originally created by @ndbroadbent on GitHub (Mar 3, 2025).

📑 I have found these related issues/pull requests

Couldn't find any related issues

🏷️ Feature Request Type

New monitor

🔖 Feature description

It would be great if we could set up an SSL check that verifies certificates and also configures a minimum TLS version, e.g. 1.0, 1.1, 1.2, or 1.3.

1.0 and 1.1 are legacy TLS versions, so I'd like to set up checks for all of my domains and make sure I don't accidentally support them. Thanks!

✔️ Solution

New SSL monitor for minimum TLS version

❓ Alternatives

Couldn't find any, maybe a bash script as a cron job

📝 Additional Context

No response

Originally created by @ndbroadbent on GitHub (Mar 3, 2025). ### 📑 I have found these related issues/pull requests Couldn't find any related issues ### 🏷️ Feature Request Type New monitor ### 🔖 Feature description It would be great if we could set up an SSL check that verifies certificates and also configures a minimum TLS version, e.g. 1.0, 1.1, 1.2, or 1.3. 1.0 and 1.1 are legacy TLS versions, so I'd like to set up checks for all of my domains and make sure I don't accidentally support them. Thanks! ### ✔️ Solution New SSL monitor for minimum TLS version ### ❓ Alternatives Couldn't find any, maybe a bash script as a cron job ### 📝 Additional Context _No response_

deekerman added the

feature-request

A:monitor

type:new

labels 2026-02-28 03:48:12 -05:00

deekerman commented 2026-02-28 03:48:14 -05:00

Author

Owner

Copy link

@Ghost93 commented on GitHub (Mar 26, 2025):

interested 👍

@Ghost93 commented on GitHub (Mar 26, 2025): interested 👍

deekerman commented 2026-02-28 03:48:17 -05:00

Author

Owner

Copy link

@CommanderStorm commented on GitHub (Apr 17, 2025):

Maybe relevant for some: that we currently support the tls versions that node supports by default.

@CommanderStorm commented on GitHub (Apr 17, 2025): Maybe relevant for some: that we currently support the tls versions that node supports by default.

deekerman commented 2026-02-28 03:48:17 -05:00

Author

Owner

Copy link

@jnovack commented on GitHub (May 3, 2025):

Forgive me, why is checking for TLS 1.1 the responsibility of the uptime checker checking every X minutes?

Ignoring that security scans are the responsibility of the network security tool (which this is not), how often is someone accidentally enabling TLS 1.1 that you need to have it checked EVERY time you check to see if the host is up?

I feel this is scope creep at it's worst.

@jnovack commented on GitHub (May 3, 2025): Forgive me, why is checking for TLS 1.1 the responsibility of the uptime checker checking every X minutes? Ignoring that security scans are the responsibility of the network security tool (which this is not), how often is someone accidentally enabling TLS 1.1 that you need to have it checked EVERY time you check to see if the host is up? I feel this is scope creep at it's worst.

deekerman commented 2026-02-28 03:48:17 -05:00

Author

Owner

Copy link

@Loughty commented on GitHub (Aug 6, 2025):

Maybe relevant for some: that we currently support the tls versions that node supports by default.

Hi @CommanderStorm, there's a way of lowering the min TLS version supported? (has u can do, for example, in Firefox). After an update, my Uptime Kuma now show one host has down, and the "ignoring TLS/SSL errors" option isn't working this time. I think it's because the min TLS version supported has ben raised (I update Uptime Kuma from 1.19 to 1.23).

@Loughty commented on GitHub (Aug 6, 2025): > Maybe relevant for some: that we currently support the tls versions that node supports by default. Hi @CommanderStorm, there's a way of lowering the min TLS version supported? (has u can do, for example, in Firefox). After an update, my Uptime Kuma now show one host has down, and the "ignoring TLS/SSL errors" option isn't working this time. I think it's because the min TLS version supported has ben raised (I update Uptime Kuma from 1.19 to 1.23).

deekerman commented 2026-02-28 03:48:17 -05:00

Author

Owner

Copy link

@CommanderStorm commented on GitHub (Aug 6, 2025):

Yes, just pass the relevant node environment variables.

Please fix your services instead of bodging like this though.

@CommanderStorm commented on GitHub (Aug 6, 2025): Yes, just pass the relevant node environment variables. Please fix your services instead of bodging like this though.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

npm-update

3.0.X

dev-better-auth

copilot/remove-password-complexity-requirements

2.2.X

copilot/sub-pr-6355

1.23.X

api-via-socketio-client

2.1.3

2.1.2

2.1.1

2.1.0

2.1.0-beta.3

2.1.0-beta.2

2.1.0-beta.1

2.1.0-beta.0

2.0.2

2.0.1

1.23.17

2.0.0

2.0.0-beta.4

2.0.0-beta.3

2.0.0-beta.2

2.0.0-beta.2-temp

2.0.0-beta.1

1.23.16

2.0.0-beta.0

1.23.15

1.23.14

1.23.13

1.23.12

1.23.11

1.23.10

1.23.9

1.23.8

1.23.7

1.23.6

1.23.5

1.23.5-beta.0

1.23.4

1.23.3

1.23.2

1.23.1

1.23.0

1.23.0-beta.1

1.23.0-beta.0

1.22.1

1.22.0

1.22.0-beta.0

1.21.3

1.21.2

1.21.2-beta.0

1.21.1

1.21.0

1.21.0-beta.1

1.21.0-beta.0

1.20.2

1.20.1

1.20.0

1.20.0-beta.0

1.19.6

1.19.5

1.19.4

1.19.3

1.19.2

1.19.1

1.19.0

1.19.0-beta.2

1.19.0-beta.1

1.19.0-beta.0

1.18.5

1.18.4

1.18.3

1.18.2

1.18.1

1.18.0

1.18.0-beta.0

1.17.1

1.17.0

1.17.0-beta.1

1.17.0-beta.0

1.16.1

1.16.0

1.16.0-beta.0

1.15.1

1.15.0

1.15.0-beta.1

1.14.1

1.15.0-beta.0

1.14.0

1.14.0-beta.2

1.13.2

1.14.0-beta.1

1.14.0-beta.0

1.13.1

1.13.0

1.13.0-beta.2

1.13.0-beta.1

1.13.0-beta.0

1.12.1

1.12.0

1.11.4

1.11.3

1.11.2

1.11.1

1.11.0

1.10.2

1.10.1

1.10.0

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.3

1.6.2

1.6.1

1.6.0

1.5.3

1.5.2

1.5.1

1.5.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.10

1.0.9

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

Labels

Clear labels   

A:accessibility

  

A:api

  

A:cert-expiry

  

A:core

  

A:dashboard

  

A:deployment

  

A:documentation

  

A:domain expiry

  

A:incidents

  

A:maintenance

  

A:metrics

  

A:monitor

  

A:notifications

  

A:reports

  

A:settings

  

A:status-page

  

A:ui/ux

  

A:user-management

  

Stale

  

ai-slop

  

blocked

  

blocked-upstream

  

bug

  

cannot-reproduce

  

dependencies

  

discussion

  

duplicate

  

feature-request

  

feature-request

  

good first issue

  

hacktoberfest

  

help

  

help wanted

  

house keeping

  

invalid

  

invalid-format

  

invalid-format

  

question

  

releaseblocker 🚨

  

security

  

spam

  

type:enhance-existing

  

type:new

  

wontfix

No labels

A:accessibility

A:api

A:cert-expiry

A:core

A:dashboard

A:deployment

A:documentation

A:domain expiry

A:incidents

A:maintenance

A:metrics

A:monitor

A:notifications

A:reports

A:settings

A:status-page

A:ui/ux

A:user-management

Stale

ai-slop

blocked

blocked-upstream

bug

cannot-reproduce

dependencies

discussion

duplicate

feature-request

feature-request

good first issue

hacktoberfest

help

help wanted

house keeping

invalid

invalid-format

invalid-format

question

releaseblocker 🚨

security

spam

type:enhance-existing

type:new

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/uptime-kuma#4013

No description provided.