question

MV-7184 avatar image
0 Votes"
MV-7184 asked MV-7184 commented

Why is TLS missing in registry?

I am using tenable (nessus scanner) to find vulnerabilities on my hosts. One of the vulnerabilities that I noticed was "TLS Version 1.0 Protocol Detection" and it looks like it has to do with port 3389. When I head over to registry "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols" everything was empty in there.

Am I looking at the wrong place for TLS 1.0?

windows-server-2019
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

CarlFan-MSFT avatar image
0 Votes"
CarlFan-MSFT answered MV-7184 commented

Hi,
It will be OK.
If we want to disable or enable TLS or SSL Protocol. we could create TLS 1.0 key and create enable/disable DWORD. Please refer to the information below:
https://saputra.org/threads/disable-tls-1-1-and-1-0-on-windows-server-2019-with-iis-10-0.148/#post-220
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

thank you!

0 Votes 0 ·