Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This how-to guide shows you how to use the DefaultSecureProtocols registry entry to choose which protocols for the Windows HTTP Services (WinHTTP).
The DefaultSecureProtocols registry entry allows you to specify which SSL protocols should be used when the WINHTTP_OPTION_SECURE_PROTOCOLS flag is used. The setting allows applications that were built to use the WinHTTP default flag to be able to use the newer TLS protocols or prevent older SSL based natively without any need for updates to the application.
Prerequisites
Calculate the value of
DefaultSecureProtocolswith WINHTTP_OPTION_SECURE_PROTOCOLS.Confirm that your account has Administrative rights to the system.
Make sure that PowerShell is installed.
Configure DefaultSecureProtocols
Select which architecture type to add and set the DefaultSecureProtocols registry entry:
Open an elevated PowerShell prompt.
To create and set the
DefaultSecureProtocolsregistry key, run the following command and replace{value}with theDefaultSecureProtocolsvalue that you selected from Calculate the value.Get-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp" | New-ItemProperty -Name "DefaultSecureProtocols" -Value "{value}"Either reboot the machine or restart whichever services are using WinHTTP.
Next steps
- To configure the
DefaultSecureProtocolsregistry entry for multiple machines, see Configure a Service Item.