CONTACT US: 1-800-622-4403
CUSTOMER LOGIN
Domains To Datacenter Since 1994

How to Disable TLS on a Windows 2008 Server

On W2K8 R2 SP1 servers and higher, support for TLS 1.1 and TLS 1.2 are supported. To disable TLS 1.0, you need to do the following
 
- Disable TLS 1.0:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
 
- Enable TLS 1.2:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
 
- Disable old Ciphers (a verity may already be turned off)
 
- Reboot the server to pick up the changes.
 
- Use an SSL server test to verify protocols and ciphers are turned off and you receive a good rating. Example site to test your SSL is: https://www.ssllabs.com/ssltest/
 
- NOTE: If on W2K8 R2 SP1 server, update the RDP security to use TLS 1.2. If TLS 1.0 is disabled, you can lock yourself out of RDP access. Open Remote Desktop Session Host Configuration.  Double click on the Connection Name "RDP-Tcp" and change the setting for the Security Layer from TLS 1.0 to RDP Security Layer.

Buy SSL Certificates starting at $39


Buy Hosted Exchange - money back guarantee


Buy WordPress Hosting - money back guarantree


Buy Windows VPS Hosting - money back guarantree


Feedback and Knowledge Base