Is there a way to emable TLS 1.0 and/or 1.2 on Edge Chromium?

Question

I know TLS 1.0 and 1.2 have been disabled on Edge Chromium since 84 - link.

However, I need to be sure they have been removed or permanently disabled. I want to be 100% that there is no way a user can somehow enable them.

There are sources on the internet that indicate that if you enable 1.0 and 1.0 in internet options this also enables them in Edge. I don't seem to be able to replicate this though.

Also if I visit https://browserleaks.com/ssl using Edge 92 on a friend's company laptop 1.0 and 1.1 seem to be enabled. My knowledge of what settings or policy is set there is obviously limited though.

Can anyone provide and details/documentation on this?

Thanks in advance.

Answer 1

we set this policy (value=1.2) via GPO in our enterprise and it is VERY effective to block user override for old/bad TLS.
https://learn.microsoft.com/en-au/DeployEdge/microsoft-edge-policies#sslversionmin

when I use EdgeChromium v92 to test browserleaks, it show TLS1.0/1.1 disabled, except if I enable the IEMode feature on that browserleaks page, if I do that, TLS1.0/1.1 are enabled because IEMode/IE11 currently allow old TLS by default.

I manage an enterprise corporate desktop ecosystem and we have a couple of very old intranet webapps which still use old TLS, we use IEMode to allow those.

So, I don't trust that reference site you quoted (Fourth/hotschedules), I think its simply wrong or very outdated, as some of the feedback on the site itself suggests.

Answer 2

I am trying to do the opposite and make sure that TLS 1.2 is enabled. The old settings in Internet Explorer and inetcpl.cpl are ticked on but the registry key I am used to seeing in HKLM under security providers/protocol is turning up empty in quite a few of my Windows 10 21H2 computers on our network.

Anyone got any ideas about how to check this now IE has been deprecated and slated for removal?