Have repeatedly checked the registry keys so that SSL 2.0, SSL 3.0 and TLS 1.0 are disabled, TLS 1.1 and TLS 1.2 are enabled. Have tried manually, scripted and using Nartac’s IISCrypto, but even after a reboot, my SSL Report fails with “Assessment failed: No secure protocols supported” and I can’t connect to any of the web pages on the server. DisabledByDefault Īfter making all above setting reboot your server.Ĭan’t get this working on Server 2008 R2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocolsģ.2 Now change DWORD Values under Server and Client under TLS 1.0, SSL 3.0 and Older SSL version keys. Step 3 – Disable TLS and SSL Older Versionsģ.1 Open registry on your server by running ‘regedit’ in run window and navigate to below location. It will looks like directories.Ģ.3 Now create two keys Client and Server under both TLS keys.Ģ.4 Now create the DWORD Values under Server and Client key as following DisabledByDefault HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\ProtocolsĢ.2 Add the TLS 1.1 and TLS 1.2 keys under Protocols. You can do this by directly editing registry file manually.Ģ.1 Open registry on your server by running ‘ regedit‘ in run window and navigate to below location. Option 1 – Merge Resistry Fileĭownload the Enable-TLS12-Windows.reg and Enable-TLS12-TLS11-Windows.reg files on your Windows system. You have two options to enable TLS version on your system.
Iis enable tls 1.2 windows 10 how to#
Use below link to find steps to how to export registry values. We strongly recommend taking a backup of the registry before making any changes. This article will help you enable TLS security in Windows Server 2008 R2 or later versions by editing registry. Nowadays there is an SSL vulnerability called POODLE discovered by Google team in SSLv3 protocol.