TLS provides secure communication between browsers and servers. You may have heard about it and understood its importance. However, do you really know what TLS is and how to enable it? Read this post and you can get the information you want.
If you are wondering how to enable TLS for your Windows Server, you are in the right place! By the way, to manage partitions and disks in Windows Server, I recommend a professional assistant – MiniTool Partition Wizard for you.
What Is TLS
Transport Layer Security (TLS), the successor to Secure Sockets Layer (SSL) which has been deprecated now, is a cryptographic protocol designed to provide communications security over a computer network.
In other words, TLS protocol aims mainly to provide privacy and data integrity between two or more communicating computer applications. The TLS protocol comprises two layers: the TLS record and the TLS handshake protocols.
There have been 4 versions of TLS, including TLS 1.0, TLS 1.1, TLS 1.2 and TLS 1.3. In October 2018, Apple, Google, Microsoft and Mozilla jointly announced they would deprecate TLS 1.0 and 1.1 in March 2020. So, you can focus more on TLS 1.2 and 1.3.
Last month, Microsoft released an update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows. You can read this Microsoft’s article to learn more about the update and check whether you have installed updates.
So how to enable TLS? If you have updated TLS, then read more below about the instruction to enable it. Take these facts into account, I will enable TLS 1.2 for an example.
Enable TLS 1.2
Here is how to enable TLS 1.2 using Registry Editor.
Step 1: Press Windows + R to open Run window, type regedit in the empty box and click OK to run Registry Editor.
Step 2: Go ahead according to the following path:
Computer > HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > SecurityProviders > SCHANNEL > Protocols
To back up files, you may be interested in these articles:
- How Do I Backup Partition with the Best Partition Manager,
- Here Is How to Back up Windows 7/8/10 Easily and Safely
Step 3: Right-click the Protocols folder, select New and then select Key from the context menu. Name the new key as TLS 1.2 and click it to expand.
Step 4: Add 2 new keys underneath TLS 1.2 and name the keys as Client and Server.
Step 5: Right-click Client key and select New > DWORD (32-bit) Value from the context menu. Then name the DWORD as DisabledByDefault.
Step 6: Right-click the new DWORD and select Modify from the drop-down menu, check that the Value data is set to 0 and the Base is Hexadecimal. Then click OK.
Step 7: Create another DWORD for the Client key as the Step 5 and name it as Enabled. Check the Base and Value data again, but the value should be 1 this time.
Step 8: Refer to Step 5 to 7 to create two DWORDs for the Server key, respectively named DisabledByDefault and Enabled again.
Step 9: Close the Registry Editor and restart your Windows Server.
Disable TLS Older Versions
It’s rather important for you to have the latest cryptographic protocol on your Windows Server rather than the outdated SSL and TLS 1.0. Therefore, apart from enabling the latest TLS 1.2, you might wonder how to disable TLS older versions.
To do that, you just need to create a new key named TLS 1.0 under Protocols folder, and create a DWORD named Enabled for the new key and then set the DWORD’s Value as 0. For the detail steps, you can refer to the instruction mentioned above.
That’s all about how to enable or disable TLS in Windows Server. I hope you can benefit from this article.