none
Registry issue 2008

    Question

  • Hi,

    I have disabled TLS 1.0 in windows 2008 R2 server registry and we did multiple server reboots also. But TLS 1.0 is still responding. how to disable the TLS 1.0 forcefully. Anyone has any idea about this?.

    Friday, June 17, 2016 10:09 AM

Answers

  • Hi,

    Thanks for your post.

    How did you set the registry?

    To disable the TLS 1.0 protocol

    1. On the client computer, set the DisabledByDefault DWORD value to 00000001.
    2. On the server computer, set the Enabled DWORD value to 00000000.

    The path of the registry:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server

    For more information, you could refer to the article below.

    How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll

    https://support.microsoft.com/en-us/kb/245030

    You could also perform this in GPO.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Monday, June 20, 2016 8:01 AM
    Moderator