Ensure TLS 1.2 is enabled

TLS 1.2 is the most recent and mature protocol for protecting the confidentiality and integrity of HTTP traffic. Enabling TLS 1.2 is recommended. This protocol is enabled by default if the registry key is not present. With any registry changes, a reboot is required for changes to take effect.

Perform the following to enable TLS 1.2:

  1. Check to see if the following key exists. If it does not, TLS 1.2 is enabled by default. If it does, you can delete it or follow step 2. 
    HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\
  2. If the key exists, set the following key to 0xFFFFFFFF. 
    HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server\Enabled