AnsweredAssumed Answered

TLS 1.1 & 1.2 not listed as Enabled

Question asked by Michael Oakes on Jan 21, 2016
Latest reply on Jan 24, 2016 by j-mailor

Hey Guys,  We have scanned a stanging stite with SSL LABS scanner and its listed only TLS 1.0 as enabled.

 

The smae registry settings are applied for the entries of 1.1 and 1.2 but they list as not enabled.  Have we set something wrong ?

 

The entries we have used for all three are as follows.

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]

"Enabled"=dword:00000001

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1Server]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]

"Enabled"=dword:00000001

 

Note:  on Win Server 2008 R2 running IIS 7

Outcomes