question

zefoy avatar image
0 Votes"
zefoy asked LeonLaude edited

TLS1.3 is it supported?

Hi everyone,
Is TLS1.3 supported in IIS on Windows Server 2016?

I'm unable to find any documentation where it says if it is or not.

windows-server-2016
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Any update on this. Is windows SChannel support TLS1.3 for development?

0 Votes 0 ·
LeonLaude avatar image
2 Votes"
LeonLaude answered LeonLaude edited

Hi,

TLS 1.3 is not yet available yet for any version of Windows Server, keep track of the link below, once support will be made available the link will be updated.

Protocols in TLS/SSL (Schannel SSP)
https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-


(If the reply was helpful please don't forget to accept as answer, thank you)


Best regards,
Leon


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the help!

0 Votes 0 ·
CarlFan-MSFT avatar image
1 Vote"
CarlFan-MSFT answered zefoy commented

Hello,
IIS rely on Schannel. However, no windows server version has supported TLS 1.3 in schannel.
https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3
Based on my search, TLS 1.3 is still in Draft and there is no expected release date as of now.
Best Regards,
Carl

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the help!

0 Votes 0 ·
levicki avatar image
0 Votes"
levicki answered LeonLaude edited

The link posted above as something to rely on is 404.

Initial implementation of TLS 1.3 (unfit for production use) is already available from Windows 10 Version 1903, however it seems to be broken (WinHttpSendRequest returns error 0x80072f8f with TLS 1.3, works fine with TLS 1.2).

The lack of progress and the lack of clear communication from Microsoft on when TLS 1.3 is going to be fully supported in SCHANNEL which is used by a lot of system and 3rd party libraries (winhttp and curl to name just a few), browsers, development platforms such as .Net Framework, and IIS web server itself is really appaling.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Fixed the link, the new Q&A platform seems to not like links with dashes or parantheses.

0 Votes 0 ·