(This identical question in dba is drawing a blank)
Background
We need PCI-DSS compliance, and so must disable TLS1.0. In my test environment we have SQL Server 2014 SP1 with CU 1 (as per this post) and IIS 8 all on the same box. I used the Nartac IIS Crypto tool to disable TLS1.0 and rebooted. That's when my troubles began.
SQL Agent won't start, SSMS can't connect to the server, and the website stops working. (Fortunately, I can still make a Remote Desktop Connection to my test server.)
Then I read Microsoft's article which says basically SQL Server just has to have TLS1.0.
Question
Can I fix this? (Maybe I need a separate box in the test environment for SQL Server?)
Edit
I've changed my test environment so that IIS and SQL Server are on different boxes. TLS1.0 is disabled on the IIS box. I've modified the registry settings to enable outgoing calls (i.e. to the SQL box) over TLS1.0 while denying incoming calls (i.e. from website users) using John Louros' powershell script (sorry, insufficient reputation to post the link). Still no luck.