Windows server 2022 TLS 1.3

Question

Windows server 2022 TLS 1.3

Albert Ashkhatoyan 21

I want to remove all old TLS versions and use only TLS 1.3
I disabled TLS 1.0 , 1.2 , 1.1 and ciphers that support them but when checking with Wireshark it still using the bot of versions 1.2 and 1.3
Can somebody tell me is it possible if yes, how can i do
Thanks in advance!
P.S
I'm using windows server 2022

2 answers

Your answer

Answer 1

Anonymous

Hi,

Based on my research, there are 2 situations when the TLS was disabled:

Disabled by default: unless the SSPI caller explicitly requests this protocol version using the deprecated SCHANNEL_CRED structure, Schannel SSP will not negotiate this protocol version.

Disabled: Schannel SSP will not negotiate this protocol version regardless of the settings the SSPI caller may specify.

They can be defined due to your requirements:
https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings

Best Regards,

Albert Ashkhatoyan 21 Reputation points

2021-07-26T07:43:01.35+00:00

I Used the documentation but TLS 1.2 connection still exist.

Answer 2

Anonymous

Hi，

Try to set the value as the following screenshot showing to disable the the TLS 1.2.

Albert Ashkhatoyan 21 Reputation points

2021-07-27T06:49:30.447+00:00

Hi，
Thank you for answer!

The same. I tried everything possible, but no result(
I need to block requests with TLS 1.2 (like Client and like Server)
Anonymous

2021-07-28T00:41:44.773+00:00

Hi,
I would do more research about it.
If there are any progresses, i will update here!

Best Regards,

Share via

Windows server 2022 TLS 1.3

2 answers

Your answer