• Linkedin
  • Reddit

Summary :

TLS

TLS provides secure communication between browsers and servers. You may have heard about it and understood its importance. However, do you really know what TLS is and how to enable it? Read this post and you can get the information you want.

Quick Navigation :

If you are wondering how to enable TLS for your Windows Server, you are in the right place! By the way, to manage partitions and disks in Windows Server, I recommend a professional assistant – MiniTool Partition Wizard for you.

What Is TLS

Transport Layer Security (TLS), the successor to Secure Sockets Layer (SSL) which has been deprecated now, is a cryptographic protocol designed to provide communications security over a computer network.

In other words, TLS protocol aims mainly to provide privacy and data integrity between two or more communicating computer applications. The TLS protocol comprises two layers: the TLS record and the TLS handshake protocols.

There have been 4 versions of TLS, including TLS 1.0, TLS 1.1, TLS 1.2 and TLS 1.3. In October 2018, Apple, Google, Microsoft and Mozilla jointly announced they would deprecate TLS 1.0 and 1.1 in March 2020. So, you can focus more on TLS 1.2 and 1.3.

Last month, Microsoft released an update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows. You can read this Microsoft’s article to learn more about the update and check whether you have installed updates.

So how to enable TLS? If you have updated TLS, then read more below about the instruction to enable it. Take these facts into account, I will enable TLS 1.2 for an example.

Enable TLS 1.2

Here is how to enable TLS 1.2 using Registry Editor.

Step 1: Press Windows + R to open Run window, type regedit in the empty box and click OK to run Registry Editor.

Step 2: Go ahead according to the following path:

Computer > HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > SecurityProviders > SCHANNEL > Protocols

Warning: In this process, you will edit the registry. We strongly suggest backing up the current Registry state, because misuse of the Registry might have detrimental effects on your system. To back up, just highlight Computer at the top of the registry tree, then click File from the upper panel and click Export to save the registry file to a specific location.

To back up files, you may be interested in these articles:

Step 3: Right-click the Protocols folder, select New and then select Key from the context menu. Name the new key as TLS 1.2 and click it to expand.

create a new TLS 1.2 key

Step 4: Add 2 new keys underneath TLS 1.2 and name the keys as Client and Server.

Step 5: Right-click Client key and select New > DWORD (32-bit) Value from the context menu. Then name the DWORD as DisabledByDefault.

Step 6: Right-click the new DWORD and select Modify from the drop-down menu, check that the Value data is set to 0 and the Base is Hexadecimal. Then click OK.

check the Value data and the Base

Step 7: Create another DWORD for the Client key as the Step 5 and name it as Enabled. Check the Base and Value data again, but the value should be 1 this time.

Step 8: Refer to Step 5 to 7 to create two DWORDs for the Server key, respectively named DisabledByDefault and Enabled again.

Step 9: Close the Registry Editor and restart your Windows Server.

Note: If you want to revert back to the original Registry settings, just restore the Registry state from the backup. Besides, the method mentioned in this part to enable TLS 1.2 cannot be used on a Windows Server 2003 which does not support the TLS 1.2 protocol.

Disable TLS Older Versions

It’s rather important for you to have the latest cryptographic protocol on your Windows Server rather than the outdated SSL and TLS 1.0. Therefore, apart from enabling the latest TLS 1.2, you might wonder how to disable TLS older versions.

To do that, you just need to create a new key named TLS 1.0 under Protocols folder, and create a DWORD named Enabled for the new key and then set the DWORD’s Value as 0. For the detail steps, you can refer to the instruction mentioned above.

That’s all about how to enable or disable TLS in Windows Server. I hope you can benefit from this article.

windows server 2008 end of support thumbnail
How to Upgrade Windows Server 2008 before Support Ends

Windows Server 2008 end of life is approaching. It’s time to upgrade your Windows Server 2008. This post will provide you a guide.

Read More
  • Linkedin
  • Reddit

User Comments :