TLS 1.0
Enables or disables the use of TLS 1.0.
TLS 1.0 is largely still secure. When used with HTTP, it can almost be made secure with careful configuration. However, it may be required for backwards compatibility reasons.
Changing this setting will require a restart of the computer before the setting will take effect.
Supported on: At least Windows 2000
Enable Client-side TLS 1.0 (eg., Internet Explorer)Enable policy:
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client | Enabled | REG_DWORD | 1 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client | DisabledByDefault | REG_DWORD | 0 |
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client | Enabled | REG_DWORD | 0 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client | DisabledByDefault | REG_DWORD | 1 |
Enable Server-side TLS 1.0 (eg., IIS)Enable policy:
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server | Enabled | REG_DWORD | 1 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server | DisabledByDefault | REG_DWORD | 0 |
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server | Enabled | REG_DWORD | 0 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server | DisabledByDefault | REG_DWORD | 1 |
schannel.admx
- Network
- SChannel Configuration Settings
- Cipher Suites
- Hashes
- Key Exchange Algorithms
- Protocols
- SChannel Logging
- SSL Configuration Settings
- Ciphers
- Hashes
- Key Exchanges
- Protocols
- SChannel Configuration Settings