I want disable TLSv1.0 and use TLS 1.2 instead. win server 2012

rajanish tripathi 1 Reputation point
2021-01-20T05:49:40.76+00:00

I want disable TLSv1.0 and use TLS 1.2 instead.

but when i visit Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\

i am able to see only SSl2.0 then how i am able to use TLS 1.2 please suggest its live 2012 server58479-tls.jpg

Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,607 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Hannah Xiong 6,276 Reputation points
    2021-01-20T06:13:22.327+00:00

    Hello,

    Thank you so much for posting here.

    Hope something here could be helpful.
    https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Hannah Xiong 6,276 Reputation points
    2021-01-21T05:47:46.493+00:00

    Hello,

    Thank you so much for your kindly reply.

    TLS 1.2 is enabled by default on 2012 & 2012 R2. Since we are not able to see TLS in regstry, we could manually create the necessary subkeys for TLS 1.2.

    IMPORTANT: As always and it’s worth repeating, you need to backup your current registry settings before attempting any of these changes on your servers. Below are the steps:

    1,Launch regedit.exe.

    2, In registry, go to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

    3, Create a new DWORD entry with a name TLS 1.2 and create another subkey Server.

    4, Under the subkey Server, create another DWORD Enabled with a value of 1.

    5, Still under the subkey Server, create a DWORD DisabledByDefault with a value of 0.

    6, You must create a subkey DisabledByDefault entry in the appropriate subkey (Client, Server) and set the DWORD value to 0 since this entry is set to 1 by default.

    7, Reboot the server and test.

    58957-1.png

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.