This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 7.000000000000001%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Hi All
I have two questions.
i want to disable TLS 1.1, TLS 1.0 & Triple DES on my servers. i can see IISCrypto does but i dont to use third party software.
Are the below registries changes correct.
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1
Server Folder-->New Item DWORD (32-bit) Value Underneath Server
Rename the Item DWORD (32-bit) Value to Enable(Hexadecimal value as 0)
Create New item DWORD (32-bit) 'DisabledByDefault' (Hexadecimal value as 0)
Please guide me how to disable Triple DES ciphers as i am not sure of the registry values.
Read on here. Looks like DisabledByDefault should be non-zero
https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings#tls-dtls-and-ssl-protocol-version-settings
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--