Problem

How to enable TLS 1.2 on Windows Server 2008 R2?

Resolution

QuoVadis recommends enabling and using the TLS 1.2 protocol on your server.  TLS 1.2 has improvements over previous versions of the TLS and SSL protocol which will improve your level of security.  By default, Windows Server 2008 R2 does not have this feature enabled.  This KB article will describe the process to enable this.

    1. Start the registry editor by clicking on Start and Run. Type in "regedit" into the Run field (without quotations).
    1. Highlight Computer at the top of the registry tree.  Backup the registry first by clicking onFile and then on Export.  Select a file location to save the registry file.

Note:

      You will be editing the registry.  This could have detrimental effects on your computer if done incorrectly, so it is strongly advised to make a backup.
    1. Browse to the following registry key:
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
    1. Right click on the Protocols folder and select New and then Key from the drop-down menu. This will create new folder.  Rename this folder to TLS 1.2.
    1. Right click on the TLS 1.2 key and add two new keys underneath it.
    1. Rename the two new keys as:
      • Client
      • Server
    1. Right click on the Client key and select New and then DWORD (32-bit) Value from the drop-down list.
    1. Rename the DWORD to DisabledByDefault.
    1. Right-click the name DisabledByDefault and select Modify... from the drop-down menu.
    1. Ensure that the Value data field is set to 0 and the Base is Hexadecimal.  Click on OK.
    1. Create another DWORD for the Client key as you did in Step 7.
    1. Rename this second DWORD to Enabled.
    1. Right-click the name Enabled and select Modify... from the drop-down menu.
    1. Ensure that the Value data field is set to 1 and the Base is Hexadecimal. Click on OK.
    1. Repeat steps 7 to 14 for the Server key (by creating two DWORDs, DisabledByDefaultand Enabled, and their values underneath the Server key).
  1. Reboot the server.

Your server should now support TLS 1.2.

Note: This article cannot be used on a Windows Server 2003 (IIS 6).  Windows Server 2003 does not support the TLS 1.2 protocol.

Reverting Back

If you make a mistake or something just isn't right, you can revert back to your previous registry settings by opening the Registry Editor and importing the backup you made in step x.

最新文章

  1. 码农谷 找出N之内的所有完数
  2. DUILIB 背景贴图
  3. FindBugs工具常见问题
  4. android 动画NineOldAndroid
  5. iOS UIView 基本属性用法
  6. Lucene实例教程
  7. PHP学习笔记7-JSON数据操作
  8. FreeCodeCamp:Return Largest Numbers in Arrays
  9. 【Eclipse】Tomcat 一直处于starting状态,项目却已成功启动
  10. svn经常使用命令具体解释(非常全,非常有用)
  11. Asp.Net Core 中获取应用程序物理路径(Getting the Web Root Path and the Content Root Path in ASP.NET Core)
  12. linux GCC 编译多个.c/.h文件
  13. Catalan 数列的性质及其应用(转载)
  14. Confluence 6 上传站点图标后重置你的配色方案
  15. [Python设计模式] 第28章 男人和女人——访问者模式
  16. Music in Car CodeForces - 746F (贪心,模拟)
  17. 如何获取堆的dump 的信息,如何分析
  18. shell for if
  19. 「PKUSC2018」真实排名(组合)
  20. elasticsearch的join查询

热门文章

  1. 【CSS系列】网页头部进度条方式一
  2. linux常用命令大全2--挂载/dpkg/文件系统分析/apt/光盘/关机
  3. CONE NAT 和 Symmetric NAT
  4. 【JSP】EL函数和自定义EL函数
  5. 【CF802C】Heidi and Library (hard) 费用流
  6. Thinkphp框架下设置session的过期时间
  7. 构建Maven项目时常见错误
  8. PAT甲1115 Counting Nodes in a BST【dfs】
  9. 专访|HPE测试中心总监徐盛:测试新思维-DevOps,持续测试,更敏捷,更快速
  10. 为什么用VUE,而不用Jquery了?