How to enable TLS 1.2 on Windows Server R2

Source: Internet
Author: User

Problem

How to enable TLS 1.2 on Windows Server R2?

Resolution

Quovadis recommends enabling and using the TLS 1.2 protocol on your server.  TLS 1.2 have improvements over previous versions of the TLS and SSL protocol which would improve your level of security.  By default, Windows Server R2 does not has this feature enabled. This KB article would describe the process to enable this.

      1. Start the Registry Editor by clicking on Start and Run. Type in ' regedit ' into the Run field (without quotations).

      1. Highlight Computer at the top of the registry tree.  Backup the registry first by clicking onFile and then on Export. Select a file location to save the registry file.


Note:

    You'll be
        editing the registry. This could has detrimental effects on your computer if do incorrectly, so it's strongly advised to make a backup.



      1. Browse to the following registry key:
        Hkey_local_machine\system\currentcontrolset\control\securityproviders\schannel\protocols

      1. Right click on the Protocols folder and select New and then Key from the Drop-down menu.  This would create new folder. Rename This folder to TLS 1.2.

      1. Right click on the TLS 1.2 key and add the new keys underneath it.

      1. Rename the new keys as:
        • Client
        • Server

      1. Right click on the Client key and select New and then DWORD (32-bit) Value from the drop- Down list.

      1. Rename the DWORD to disabledbydefault.

      1. Right-click the name disabledbydefault and select Modify ... from the Drop-down menu.

      1. Ensure the Value data field is set to 0 and the Base is hexadecimal. Click on OK.

      1. Create another DWORD for the Client key as you do in Step 7.

      1. Rename This second DWORD to Enabled.

      1. Right-click the name Enabled and select Modify ... from the Drop-down menu.

      1. Ensure the Value data field is set to 1 and the Base is hexadecimal. Click on OK.

      1. Repeat steps 7 to + for the Server keys (by creating, DWORDs, disabledbydefault and Enabled, and their values underneath the Server key).

    1. Reboot the server.

Your server should now support TLS 1.2.

Note:  This article cannot is used on a Windows Server 2003 (IIS 6). Windows Server 2003 does not support the TLS 1.2 protocol.

Reverting back

If you make a mistake or something just isn ' t right, you can revert back to your previous registry settings by opening the Registry Editor and importing the backup you made in step x.

How to enable TLS 1.2 on Windows Server R2

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.