LatticeScan

How to fix it

How to make your site quantum-safe

A scan tells you what is wrong. This tells you how to fix it. Most of these are configuration changes, not rebuilds, and for many sites the fix is a single setting.

1. Turn on post-quantum key exchange (the urgent one)

This is the fix for the “harvest now, decrypt later” risk, and it is the one that matters most. You are turning on a hybrid key exchange called X25519MLKEM768, which pairs today’s encryption with the new quantum-safe ML-KEM. It is already supported by every current major browser.

Behind Cloudflare: it is on by default for traffic between browsers and Cloudflare. If your visitors reach you through Cloudflare and a scan still shows classical key exchange, the classical part is usually on the connection from Cloudflare back to your origin server. Fix the origin using the steps below, or move the endpoint behind Cloudflare.

On nginx: you need OpenSSL 3.5 or newer (which ships ML-KEM). Once you are on it, allow the hybrid group in your TLS config:

ssl_ecdh_curve X25519MLKEM768:X25519:secp256r1;

Then reload nginx. The order matters: listing the hybrid group first lets clients that support it use it, while everyone else falls back cleanly.

On a managed host or CDN (Fastly, Akamai, cloud load balancers):look for a “post-quantum” or “hybrid key exchange” toggle in the TLS settings, or ask their support when it will be available. Most large providers have shipped it or are shipping it now.

2. Require TLS 1.3

Post-quantum key exchange only works over TLS 1.3. If a scan shows endpoints stuck on TLS 1.2, upgrade them first. On nginx:

ssl_protocols TLSv1.2 TLSv1.3;

Keeping 1.2 alongside 1.3 avoids breaking older clients while letting modern ones use the newer protocol. Once you confirm nothing important still needs 1.2, you can drop it.

3. Turn off obsolete TLS (1.0 and 1.1)

If a scan flags TLS 1.0 or 1.1, switch it off regardless of quantum concerns. These versions are deprecated and insecure. Make sure your ssl_protocols line lists only TLSv1.2 and TLSv1.3, then reload.

4. Keep certificates current

If a scan shows a certificate that is expired or expiring soon, renew it. If you are not already using automatic renewal (for example with an ACME client like certbot, or your host’s built-in renewal), set it up so this never becomes a fire drill.

What you do not need to do yet

You may see that your certificates still use RSA or ECDSA keys. That is expected. There are no quantum-safe certificates to switch to yet, because no public certificate authority issues them, and the standards do not require the change until after 2030. Leave the certificates alone and focus on key exchange, which is the part that is both urgent and fixable today.

Scan again to check your fix

After you change a setting, run the scan again to confirm the endpoint now negotiates post-quantum key exchange.

Running a large estate and want help with the full inventory and migration plan? Talk to us.