- 1 year ago
How to enable server side SSL3.0, TSL1 on Windows server 2016 (IIS 10)?
In Windows Server 2016 with IIS 10, SSL 3.0 and TLS 1.0 are disabled by default due to security vulnerabilities. However, if you still need to enable them, you can do so through the Windows Registry. Keep in mind that enabling SSL 3.0 and TLS 1.0 is not recommended for security reasons, and you should consider using more secure protocols like TLS 1.2 or TLS 1.3.
To enable SSL 3.0 and TLS 1.0, follow these steps:
Open Registry Editor:
PressWin + R
to open the Run dialog, typeregedit
, and press Enter to open the Registry Editor.Navigate to TLS/SSL Protocols:
In the Registry Editor, navigate to the following location:mathematicaHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
Create SSL 3.0 and TLS 1.0 Keys:
Right-click on theProtocols
key, select New > Key, and create the following two keys:SSL 3.0
TLS 1.0
Create Client and Server Subkeys:
Inside theSSL 3.0
andTLS 1.0
keys, create two subkeys namedClient
andServer
for each key.Create Enabled DWORD Value:
Inside eachClient
andServer
key, create a new DWORD value namedEnabled
and set its value to1
.Restart the Server:
After making the changes in the Registry, you need to restart the server for the changes to take effect.
Again, please note that enabling SSL 3.0 and TLS 1.0 is not recommended due to security concerns. If possible, use TLS 1.2 or TLS 1.3 for better security and compliance with modern security standards. Additionally, before making any changes to the Registry, it's essential to create a backup or restore point in case you encounter any issues. Modifying the Registry can have unintended consequences and impact the stability of your system. Proceed with caution and consider seeking advice from a qualified IT professional.