How to choose between TLS/SSL Implicit and Explicit mode?

  |   Martin Vobr

What’s common for FTP, POP3, IMAP, SMTP, HTTP? All those protocols share same method for encryption of communication between client and server – the TLS/SSL. TLS is just a new name for SSL version 3.1 (for details see KB article about Secure FTP).

The TLS/SSL comes in two common flavors:

  • TLS/SSL Explicit
  • TLS/SSL Implicit

What’s the difference?

Detailed description can be found at KB article about TLS/SSL implicit and explicit modes difference. Simplified explanation follows:

TLS/SSL Explicit

  • Runs on the same port as plain (unencrypted) protocol.
  • Client must ask the server to switch the encryption on.

TLS/SSL Implicit

  • Runs on a different port than plain (unencrypted) protocol.
  • Encryption is turned on automatically.

How to choose which one to use?

You may have received a hostname and port from you admin and you are wondering which version of TLS/SSL security should be used. A general rule of thumb seems to be simple:

  • If the port is the same as standard port for this protocol use the TLS/SSL Explicit
  • If the port is different use the TLS/SSL Implicit

See following KB article for standard and TLS/SSL Explicit ports for FTP, POP3, IMAP, SMTP and HTTP.

P.S. In addition to blogging, we are also using Twitter for quick updates and to share links. Follow us

Showcase your application on Rebex.Net

Have you created an interesting application using Rebex components? Would you like to share your development experience with the world? To include your app in our App Showcase, please contact us at