Can anyone provide a solution to disable TLS 1.0 as default protocol on Windows Server 2012 Standard with 4.5 .Net Framework installed on the machine. The application running on the server have target framework of .NET 4.5 and is making connection with another server which have only TLS 1.2 enabled.
I have tried setting the below Registries but it is still making call on TLS1.0:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "Enabled"=dword:00000001 "DisabledByDefault"=dword:00000000
Microsoft's documentation site only list the fix in code by setting the Security protocol as below
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
But is there any way to achieve this via the registry?
For anyone with similar problems:
Open PowerShell run as administrator:
[Net.ServicePointManager]::SecurityProtocol
Notice the response is
Ssl3, Tls
Run the following 2 commands in PowerShell
Close PowerShell, reopen as admin, run:
[Net.ServicePointManager]::SecurityProtocol
Now notice the output, the system will work without using this code
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
Output is:
Tls, Tls11, Tls12
Disable the
Tls1
on the OS and it will negotiateTls12
if available.