There are three methods to controlling the TLS settings in Internet Explorer
1 – Local GP
2 – Domain GP
3 – Registry
* In GP, User Configuration, Administrative Templates, Windows Components, Internet Explorer, Internet Control Panel, Advanced Page, Turn off encryption support
The settings in Internet Explorer, Tools, Internet Options, Advanced
Today, we’re looking number at 3, the registry.
Reg path
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings
Reg key
SecureProtocols, a DWORD
Each protocol modifies the same registry key, the DWORD value
will be a hexadecimal sum of the decimal value of each check box
For example (notice how the value is changing):
Checking all protocols will yield a new value of 0x00000aa8 (2728)
All but SSL 2.0, 0x00000aa0 (2720)
All but SSL 1.0, 0x00000a28 (2600)
In my case, I wanted to enable all but TLS 2.0.
Take a look,
TLS 1.2 Disabled vs. Enabled
Verified working after reg key was applied
