Can't enable TLS 1.2 on Windows 2008 SP2 (non R2)


  • Tried changing the register by following these instructions:

    Used IIS_Crypto and it never shows TLS 1.1 nor TLS 1.2 to select.

    My Windows is up to date.

    I'm trying to use winhttp to connect to a https (WHM/cpanel API) but they only support TLS 1.2. So, I always get this error:

    WinHttp.WinHttpRequest error '80072f8f'

    A security error occurred

    Any ideas?

    Friday, May 18, 2018 1:21 PM

All replies

  • Have you added the registry keys mentioned here:


    Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2






    Controls the use of TLS 1.1 on the client



    Controls the use of TLS 1.1 on the server



    Flag to disable TLS 1.1 by default




    NOTE: For TLS 1.2 to be enabled and negotiated, you must create the DisabledByDefault DWORD entry in the appropriate subkey (Client, Server), and then change the DWORD value to 0. 


    can you share the version of SCHANNEL.DLL

    I this response helps you, then please mark this as an "Answer" Regards, Kaushal Blog:

    Monday, May 21, 2018 2:06 PM
  • Thank you Kaushal for the answer!

    My schannel.dll (at c:\windows\system32\, right?) version is 6.0.6022.24383

    And I already added the registry keys as mentioned:

    Rebooted the server.. and still got the problem.. I tried changing enabled key to fffffff and the results are the same.
    • Edited by MatheusVF Monday, May 21, 2018 2:32 PM
    Monday, May 21, 2018 2:31 PM
  • Any suggestions?
    Thursday, May 24, 2018 1:44 PM