Block TLS versions under 1.2

Owned by Daniel Gamallo

Jun 15, 2023

1 min read

Go to “Start”
Type “regedit”
Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

The registry keys have to have TLS 1.0, TLS 1.1, TLS 1.2 and Client and Server key for each

Create DWORDs by right clicking with the following names until the list looks like this for each Client and Server, in the TLS 1.0, TLS 1.1 folders

DisabledByDefault data has to be 1, and Enabled 0

Create DWORDs by right clicking with the following names until the list looks like this for each Client and Server, in the TLS 1.2 folder

Restart the server