June 17, 2022
ranganathan.madan Windows

Disabling tls 1.0 or 1.1 in the Windows registry

To ensure maximum security, it’s important to enable TLS on Windows Server properly. TLS 1.0 is considered unsafe. If possible, use the 1.2 or newer version instead.

Disable TLS 1.0 or 1.1 via Registry

Disable TLS 1.0 or 1.1 via Registry

  1. Open registry editor.
  2. Go to HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols.
  1. TLS 1.0 or 1.1 entry does not exist in the registry by default.
  2. Create a new subkey called “TLS 1.0 or 1.1” under Protocols.
  1. Create a new subkey called “Server” under TLS 1.0 or 1.1.
  1. In the Server key, create a DWORD DisabledByDefault entry, set the value to 1.
  1. Reboot the server.