Remove From My Forums

TLS 1.0

Question
0

Sign in to vote

Hello,

Greetings !

Just a query: In our project server, TLS 1.0 parameter itself missing on registry - Which means TLS 1.0 is disabled by default or do I need to create TSL 1.0 dword again to disable the same.

Thanks & Regards,

Murali Gangatharan V

Tuesday, April 16, 2019 12:42 PM

Answers

0

Sign in to vote
Hi Murali,

What Operating System is this on? TLS 1.0 isn't a strong protocol so I assume you need this for app/browser compatibility?

A good tool that will show you all of the currently enabled ciphers/protocols etc can be found below (when you run it, if the box is ticked then it is enabled):

https://www.nartac.com/Products/IISCrypto/

Let me know if you have any further questions.

Thanks,

Matt
- Proposed as answer by KatarinaT Wednesday, April 17, 2019 11:01 PM
- Marked as answer by Dale Howard [MVP]MVP Wednesday, April 24, 2019 11:38 PM
Tuesday, April 16, 2019 2:17 PM
0

Sign in to vote
Hi Murali,

TLS negotiation will work on the highest compatible version and so if you have TLS 1.2 enabled and the client supports it then it will use that. That being said, it is still good practice to disable TLS 1.0 and 1.1 as those can be used to attack the site and compromise it.

Thanks,

Matt
- Marked as answer by Murali Gangatharan Vijayarajan Thursday, May 9, 2019 2:04 PM
Wednesday, May 8, 2019 2:48 PM

All replies

0

Sign in to vote
Hi Murali,

What Operating System is this on? TLS 1.0 isn't a strong protocol so I assume you need this for app/browser compatibility?

A good tool that will show you all of the currently enabled ciphers/protocols etc can be found below (when you run it, if the box is ticked then it is enabled):

https://www.nartac.com/Products/IISCrypto/

Let me know if you have any further questions.

Thanks,

Matt
- Proposed as answer by KatarinaT Wednesday, April 17, 2019 11:01 PM
- Marked as answer by Dale Howard [MVP]MVP Wednesday, April 24, 2019 11:38 PM
Tuesday, April 16, 2019 2:17 PM
0

Sign in to vote

Hi Murali,

Did you get to the bottom of this issue?

Thanks,

Matt

Friday, April 19, 2019 6:38 PM
0

Sign in to vote

Hi Murali,

Did you get this resolved?

Thanks,

Matt

Tuesday, April 23, 2019 11:38 AM
0

Sign in to vote

Matt --

Doesn't it frustrate you to give someone an answer in this forum, and then they cannot give you the common courtesy of letting you know if the solution worked? I am going to mark your first reply as the answer to this question so we can move on. Hope this helps.
Dale A. Howard [MVP]

Wednesday, April 24, 2019 11:38 PM
0

Sign in to vote

Hey Matt,

Sorry for the delay in response. Just today got time to open this forum, my bad. The tool you provided worked like charm (On our server, TLS 1.0 is grey-out but tick marked), Thanks for it. Our servers are 2016 OS !

General doubt, if the protocol (TLS 1.0) is not there (deleted means) then automatically it has to search for next protocol right but this is something different(enabled --> hidden).

Thank you.

Murali

Wednesday, May 8, 2019 1:42 PM
0

Sign in to vote
Hi Murali,

TLS negotiation will work on the highest compatible version and so if you have TLS 1.2 enabled and the client supports it then it will use that. That being said, it is still good practice to disable TLS 1.0 and 1.1 as those can be used to attack the site and compromise it.

Thanks,

Matt
- Marked as answer by Murali Gangatharan Vijayarajan Thursday, May 9, 2019 2:04 PM
Wednesday, May 8, 2019 2:48 PM

Answered by:

TLS 1.0

Question

Answers

All replies