What Is TLS (Transport Layer Security)?

Why It Matters

TLS is what makes HTTPS secure. Without TLS, browser-to-server communication is plain text — readable by anyone on the network. For domain forwarding, TLS is critical because the forwarding server needs a valid TLS certificate for each source domain.

TLS Versions

Version	Status	Notes
SSL 3.0	Deprecated (2015)	Vulnerable to POODLE attack
TLS 1.0	Deprecated (2020)	No longer accepted by modern browsers
TLS 1.1	Deprecated (2020)	No longer accepted by modern browsers
TLS 1.2	Current	Widely supported, secure
TLS 1.3	Current	Fastest, most secure

How TLS Works in Forwarding

When a visitor goes to https://your-forwarded-domain.com:

1. Browser initiates a TLS handshake with Domain Forward’s server
2. Server presents a valid SSL certificate for your domain
3. Browser and server agree on encryption parameters
4. Encrypted connection is established
5. Server sends the 301 redirect over this secure connection
6. Browser follows the redirect to the destination

The entire handshake takes milliseconds. TLS 1.3 is even faster — it requires fewer round trips than TLS 1.2.

How Domain Forward Handles This

Domain Forward terminates TLS connections for your domains using automatically provisioned certificates from Let’s Encrypt. Both TLS 1.2 and 1.3 are supported, with modern cipher suites for maximum security and performance. Never use a self-signed certificate for forwarding — browsers reject them with security warnings.