How to check if TLS 1.2 is enabled

November 27th, 2021 | Tags:
  1. If the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.2ClientDisabledByDefault is present, the value should be 0.
  2. If the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.2ClientEnabled is present, value should be 1.
  3. Check if TLS 1.2 is set as the default secure protocol in WinHTTP for Windows versions Windows Server 2008 R2, Windows Server 2012, and Windows 7.
How to check if TLS 1.2 is the default secure protocol in WinHTTP:
Compatible versions: Windows Server 2008 R2, 2012, and Windows 7
  1. Check Microsoft update ‘kb3140245’ is installed.
  2. Check if the below registry key contains the value ‘0x00000A00’ or ‘0x00000800’:
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsWinHttpDefaultSecureProtocols
  3. If it is a 64 bit machine, check ‘Wow6432Node’ path also:
    HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionInternet SettingsWinHttpDefaultSecureProtocols
No comments yet.