Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Manually Enable/Disable SSL/TLSFor more info on how to turn on SSL/TLS.
Please google or go to this site:
https://www.fastvue.co/tmgreporter/blog/how-to-enable-and-disable-ssl-tls-versions-on-forefront-tmg
To manually turn on TLS 1.2 and disable the rest of the security protocols, go to the registry by typing regedit in run.
Open Regdit (Start | Run | Regedit) Navigate to the registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\
SCHANNEL\Protocols Here you will need to create a key for each of the cryptographic protocols. Create keys named SSL 1.0, SSL 2.0,
SSL 3.0 TLS 1.0, TLS 1.1, TLS 1.2 Within each protocol key, create two sub keys. One named Client, the other named Server Within each of the Client and Server keys, create a DWORD with the name Enabled. A value of 1 enables the
protocol where a value of 0 disables it. Only enable for TLS 1.2 and disable for the other protocols SSL 1.0, SSL 2.0, SSL 3.0 TLS 1.0, TLS 1.1.
Right click on the above created folders Eg: SSL 1.0>New>Key to create the Client and Server folders under SSL 1.0.
TLS 1.2 Client and Server Enabled
Please set Enabled = 1 for TLS 1.2 Client and Server
SSL 1.0 Client and Server Disabled
SSL 2.0 Client and Server Disabled
SSL 3.0 Client and Server Disabled
TLS 1.0 Client Server Disabled
TLS 1.1 Client Server Disabled