TLS is Not Showing in the Registry? How to Enable it
Tweak your registry settings to include the TLS key and enable it
3 min. read
Updated on
Share this article
Improve this guide
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- If you're operating older hardware, it is possible it still uses the older versions of TLS, which come disabled by default.
- You'll therefore find the corresponding keys missing from the registry, but luckily, you can easily create these keys and enable the protocol.
TLS is a security protocol that ensures communication over the Internet by encrypting data. At times, you may need to adjust its registry keys for troubleshooting or any other modification.
The problem comes in when TLS is not showing in your registry. This will be our focus topic for today as we show you how to enable it in your registry.
Why is TLS 1.2 missing in the registry?
The registry is a database of information about the configuration of your computer. It’s used by Windows and other programs to store settings and information about your computer’s hardware, software, and users.
Since TLS is a critical security component, it is expected to be in the following default path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client\Enabled
However, if it is not showing in your registry, it could mean you have not enabled the feature or been disabled by default.
Older versions of TLS are known to be prone to attacks, so it is better to have them disabled as they pose a huge security risk.
Another reason it may be missing is if you have an invalid certificate. An expired or invalid certificate cannot have the corresponding key stored in the registry, so the TLS will not show in your registry.
Nevertheless, this does not mean it is impossible to enable it. The good news is that you can easily create a new key and enable the TLS protocol from your registry; below is how to do it.
How to enable TLS in registry?
First off, ensure you check the following:
- Ensure you’re logged in using a user account with administrative privileges.
- Check your system for viruses in case your registry keys were tampered with and deleted.
Now proceed with the following steps to enable TLS:
- Before you make any changes to the Registry Editor, we recommend that you backup your registry or create a restore point. This way, if anything goes wrong, you can undo the changes and avoid damage to your PC.
- Hit the Windows + R keys to open the Run command.
- Type regedit in the search box and hit Enter.
- Navigate to the following path:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols - Right-click on the empty space in the right pane and choose New, and then Key.
- Name the new key TLS 1.2 and click to expand it.
- Navigate to TLS 1.2, click on the empty space in the right pane, and add two new keys. Name the first one Client and the second one Server.
- Now, select the Client key, right-click in the right pane and select New, and then DWORD (32-bit) Value.
- Name the DWORD DisabledByDefault, and double-click it.
- Ensure that the Base is Hexadecimal, and the value is 0 (zero).
- Create a new DWORD and name it Enabled, and double-click it.
- Ensure that the Base is, again, Hexadecimal and the Value is set to 1.
- Close the Registry Editor and reboot your PC.
And that’s how to enable TLS from your registry. While you’re still here, check out the top browsers that support the latest version of TLS for maximum security.
Were you successful in enabling TLS? Let us know in the comment section below.
User forum
0 messages