Vanta has multiple tests that scan your websites TLS implementation to ensure that it is secure. These tests include:

Checking that your site's certificate has not expired

-This test will fail as soon as the certificates expiration has been reached.

Checking for valid TLS configuration

-This would include checking for valid certificates, valid certificate chains, and ensuring proper TLS versions are in use.

Checking the all queries to your page redirect to HTTPS

-This test checks that when a query is made to your company's website explicitly using port 80 (http://yourbusinessdomain.com), a 301 redirect is received and automatically redirects clients to use https on 443. 

Checking that there are no weak ciphers available for use

-This includes ciphers with known vulnerabilities, as well as ciphers that do not match or exceed the strength of the certificate key.

Troubleshooting

If Vanta states that there was trouble getting data for any or all of these tests, please update your business URL on the settings page in Vanta. We recommend using the format "https://yourbusinesswebsite.com":

 

VantaBusinessInformation.png

 

This is the URL that Vanta uses to check for TLS configuration.

If you are looking for more information regarding why a certain TLS test may be failing, please use the SSL Labs test here, as it will provide much more detailed information on configuration issues in your environment. For example:

TLSciphers.png