TLS 1.2 Not showing by default in Windows Server 2012 R2

Question

It is my understanding from reading this article:

That in the registry TLS 1.2 should be enabled by default on Windows Server 2012 R2.

However, checking the registry on our webservers, this key is missing?

I am using AWS EC2 boxes with the vanilla Windows Server 2012 R2 AMI.

Any help would be greatly appreciated.

I used this website to see what was enabled on our website. Might be worth a try: https://www.ssllabs.com/ssltest/analyze.html — Anthony, Mar 22 '17 at 13:44
This may help: https://github.com/TheLevelUp/pos-tls-patcher — user24601, Mar 08 '18 at 04:46

score 5 · Accepted Answer · answered Jan 07 '16 at 18:10

5

I believe "enabled by default" means the key doesn't have to exist for it to be turned on. You only need to add the value if you want to disable it.

answered Jan 07 '16 at 18:10

Ryan Bolger

That makes sense then, thank you for your answer, I guess my issue must be in the application not the server – Uberzen1 Jan 07 '16 at 18:33

score 5 · Answer 2 · answered Jan 07 '16 at 18:39

5

IIS Crypto is a great tool for easily seeing what protocols and ciphers are enabled on your server

answered Jan 07 '16 at 18:39

Mass Nerder

Thanks, I did download that and try it in Dev but was reluctant to drop the exe and poke around on live. – Uberzen1 Jan 07 '16 at 18:43

2 Answers2