Installation
Windows 7 does not enforce TLS 1.2 by default, which can lead to security issues. Follow these steps to ensure TLS 1.2 is enabled:
- Update Internet Explorer:
- Ensure Internet Explorer is updated to the latest version (11).
- Enable TLS 1.1 and TLS 1.2:
- Open Internet Options.
- Go to Advanced settings.
- Check "Use TLS 1.1" and "Use TLS 1.2".
Important
If Internet Explorer is not updated, these Registry values won't take effect. Also, ensure update "KB3140245" is installed.
Microsoft Knowledge Article: KB3140245
- Update Windows:
- Ensure all important updates, including up to the latest 2020 Cumulative updates, are installed. This ensures the OS Trusted Certificates Store is regularly updated by Microsoft servers.
- Registry Configuration:
- After installing all the latest Windows Updates, download and run the Microsoft Easy Fix tool linked in KB3140245 article (download link).
- Alternatively, add the following values manually by copying and saving them as a
.regfile:
Windows Registry Editor Version 5.00
; Make all protocols available
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\]
DefaultSecureProtocols=DWORD:0xAA0
; Make all protocols available
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\]
DefaultSecureProtocols=DWORD:0xAA0
; TLS 1.1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
DisabledByDefault=DWORD:0
Enabled=dword:1
; TLS 1.2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
DisabledByDefault=DWORD:0
Enabled=dword:1They should be added automatically by some .Net framework update, but in case the OS doesn't have them added already, you can put them manually, this will also improve compatibility with a lot of new .Net apps
use double black slashes. On Linux/MacOS, one slash is fine.