![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 83%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUD%3C/text%3E%3C/svg%3E)
5,100 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi,
According to below two articles, TLS 1.2 is enabled by default on Windows 8/Windows Server 2012 and later vsesions.
"For TLS 1.2 default settings, see Protocols in the TLS/SSL (Schannel SSP)." While Protocols in the TLS/SSL (Schannel SSP) indicates TLS 1.2 is enabled.
https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings#tls-12
https://learn.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-
does it mean even though we don't have a registry entry in 'SCHANNEL' it is enabled?
Below article mentioned "TLS 1.2 is enabled by default. Therefore, no change to these keys is needed to enable it." So, I think the answer for your question should be "Yes".
https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_protocol
Hope the information helps.
Thanks,
Eleven
If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.