Skip to content
English
More support Sign in
Contact us
  • There are no suggestions because the search field is empty.

How To Enable TLS 1.2 On Windows

Search

How To Enable TLS 1.2 On Windows

Note: This will require a full server restart. Do not perform these steps while a track is operational.


Windows Server 2008, by default, uses TLS 1.0. Some payment processors, including PayPal and SagePay, are moving toward requiring TLS 1.2 as a minimum.


For PHP-based applications (new online booking), an update to PHP 5.6+ is required. This isn't related to this document. (If you're updating TLS for the new online booking, you must also follow these steps .)



**You can also use the attached bat file


For IIS-based applications (old online booking), TLS 1.2 has to be enabled on the Windows Server 2008 machine directly. This is what this document will walk you through.


Steps:

1. Start the registry editor by clicking on Start and Run. Type in "regedit" into the Run field (without quotations).

2. Highlight Computer at the top of the registry tree. Backup the registry first by clicking on File and then on Export. Select a file location to save the registry file.

3. Browse to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

4. Right click on the Protocols folder and select New and then Key from the drop-down menu. This will create new folder. Rename this folder to TLS 1.2.

5. Right click on the TLS 1.2 key and add two new keys underneath it.

6. Rename the two new keys as:
Client
Server

7. Right click on the Client key and select New and then DWORD (32-bit) Value from the drop-down list.

8.Rename the DWORD to DisabledByDefault.

9. Right-click the name DisabledByDefault and select Modify... from the drop-down menu.

10. Ensure that the Value data field is set to 0 and the Base is Hexadecimal. Click on OK.

11. Create another DWORD for the Client key as you did in Step 7.

12. Rename this second DWORD to Enabled.

13. Right-click the name Enabled and select Modify... from the drop-down menu.

14. Ensure that the Value data field is set to 1 and the Base is Hexadecimal. Click on OK.

15. Repeat steps 7 to 14 for the Server key (by creating two DWORDs, DisabledByDefault and Enabled, and their values underneath the Server key).

16. Reboot the server.


The server should now support TLS 1.2!


You can test this by going to http://ssllabs.com/ssltest/analyze.html?d=TRACKNAME.clubspeedtiming.com&latest, and after the test runs (clear the cache if it had been run before), do a CTRL-F for TLS 1.2.

Related Articles