How to enable TLS 1.2 on clients

12/13/2019

There are three tasks for enabling TLS 1.2 on clients:

• Update Windows and WinHTTP
• Ensure that TLS 1.2 is enabled as a protocol for SChannel at the operating system level
• Update and configure the .NET Framework to support TLS 1.2

Ref: https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client

Verify the value of the DefaultSecureProtocols registry setting, for example:

1
2
3
4

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\
      DefaultSecureProtocols = (DWORD): 0xAA0
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\
      DefaultSecureProtocols = (DWORD): 0xAA0