Windows Server: How to enable TLS with ease

2 minute read
windows server

Home » How To » Windows Server: How to enable TLS with ease

If you were wondering how to enable or disable TLS (Transport Layer Security) on Windows Server, you are at the right place. Transport Layer Security 1.0 isn’t supported since the last year so what you also want to do, besides enabling the latest TLS 1.2, is disabling TLS 1.0. It’s quite important to have the latest cryptographic protocol on your Windows Server and not outdated SSL and TLS 1.0.

Windows Server: How to disable TLS

1. Enable TLS 1.2

So, without further ado, follow these instructions to enable (and disable) TLS in Windows Server:

  1. If you are running Windows Server 2008, check this Microsoft’s article regarding the necessary update in order to enable TLS 1.2. Once you’ve installed updates, move to the steps below.
  2. Open Registry Editor.
  3. Since we are dealing with registry, we strongly suggest backing up the current Registry state. Misuse of the Registry might have detrimental effects on your system.
  4. Once we’ve dealt with that, follow this path:
    Computer\HKEY_LOCAL_MACHINE\SYSTEM\
    CurrentControlSet\Control\SecurityProviders\
    SCHANNEL\Protocols
  5. Right-click on the empty space in the right pane and choose New > Key.
  6. Name the new key TLS 1.2 and click to expand it.
  7. Again, click on the empty space in the right pane and add two new keys. Name the first one Client and the second one Server. It should look like this.regedit lts 1.2 enable windows server
  8. Now, select the Client key, right-click in the right pane and select New > DWORD (32-bit) Value.
  9. Name the DWORD DisabledByDefault, right-click on it and select Modify.
  10. Ensure that the Base is Hexadecimal and the value is 0 (zero).
  11. Create a new DWORD and name it Enabled.
  12. Ensure that the Base is, again, Hexadecimal and the Value is this time 1.
  13. Repeat this for the Server key with the exactly the same DWORDS and values.
  14. Close the Registry Editor and reboot your server.
  15. If you want to revert back to the initial settings, just restore the Registry state from the backup.

Looking for the best backup software for Windows servers? Here are the best options.


2. Disable TLS 1.0 and TLS 1.1

  1. Open Registry Editor.
  2. Navigate to
    Computer\HKEY_LOCAL_MACHINE\SYSTEM\
    CurrentControlSet\Control\SecurityProviders\
    SCHANNEL\Protocols
  3. Create a new key as already explained, and name it TLS 1.1. You can create the one named TLS 1.0 as well.
  4. Create the DWORD and name it Enabled.
  5. Set its value to 0 and confirm changes.
  6. And that’s it, you have disabled TLS 1.0 (TLS 1.1).

That’s how to enable or disable TLS on Windows Server. With those steps, TLS 1.2 is enabled and TLS 1.0 disabled with ease. Although, it’s not really necessary to do so.

RELATED STORIES YOU SHOULD CHECK OUT:

Discussions

Next up

Google Chrome doesn’t finish downloads? Try this

Alexandru Voiculescu By: Alexandru Voiculescu
2 minute read

We all know how good Google Chrome is. This is why the browser became the most popular surfing tool in the world. Usually, Chrome is […]

Continue Reading

Not enough physical memory error in VMware [FULL FIX]

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

A large number of VMware users have reported encountering the following error message: Not enough physical memory is available to power this virtual machine with […]

Continue Reading

Troubles with your Uplay login? Here’s what you can do

John Taylor avatar. By: John Taylor
2 minute read

Some users have reported that they are having problems when trying to log in their Uplay client. Apparently, they receive an error message that looks […]

Continue Reading