スポンサーリンク

How to use TLS 1.1 or TLS 1.2 on Windows Server 2008 SP2

スポンサーリンク

In this article, I will show you how to use TLS1.1 and TLS1.2 on Windows Server 2008.
Please note that I am not talking about Window Server 2008 R2.

About Service Pack

In order to use TLS 1.1 or higher on Windows Server 2008, you need to apply Service Pack 2. The following information is based on the assumption that Windows Server 2008 SP2 is used.

Applying the update program

Unfortunately, TLS1.1 and TLS1.2 cannot be used on Windows Server 2008 SP2 as is.
Therefore, you need to apply the update first.
Please obtain the update from the Microsoft website.

Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 - Microsoft Support
Describes an update that adds support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2 and in Windows Embedded POSRead...

Even if you apply the update, TLS1.1 and TLS1.2 are disabled by default, so you need to change the registry.
Please add values to the following keys.
Key (maximum 4):.


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server

Value (Every key has the same value.) Name: Disabled
 Name: DisabledByDefault
 Value: 0(DWORD value)

The reason why there are four separate keys is because there are two types, TLS1.1 and TLS1.2, and they are divided into Client and Server.
Client is added to the registry when TLS communication is performed as a client, such as when connecting to other web services from the target Windows Server 2008 SP2.

Server adds a registry when the target Windows Server 2008 SP2 performs TLS communication as a server, such as when providing web services.

コメント