-
Notifications
You must be signed in to change notification settings - Fork 8
Enable‑TlsProtocol
Enables specified TLS/SSL protocols by writing SCHANNEL registry values.
Enable-TlsProtocol [-Protocol] <SChannelSslProtocols[]> [-Client] [-SetDisabledByDefault] [-Force]
[-WhatIf] [-Confirm] [<CommonParameters>]
Enables SCHANNEL protocol keys under
HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
for the server-side Server key by default.
Use the -Client switch to
operate on the Client key instead.
The command will create the target
key if it does not exist and set the Enabled DWORD to 1.
Optionally, when -SetDisabledByDefault is specified the command will
also write DisabledByDefault = 0 (opt-in only).
Enable-TlsProtocol -Protocol Tls12
Enables TLS 1.2 for server-side connections by setting the Enabled
registry value to 1.
Enable-TlsProtocol -Protocol Tls13 -Client
Enables TLS 1.3 for client-side connections.
Enable-TlsProtocol -Protocol Tls12, Tls13 -SetDisabledByDefault
Enables TLS 1.2 and TLS 1.3 for server-side connections and also sets
the DisabledByDefault registry value to 0.
Enable-TlsProtocol -Protocol Tls12 -Force
Enables TLS 1.2 for server-side connections without prompting for confirmation.
When specified, operate on the protocol Client registry key instead of
the default Server key.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: FalseSuppresses confirmation prompts.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: FalseOne or more protocol names to enable.
Accepts values from the
[SChannelSslProtocols] enum such as Ssl2,
Ssl3, Tls, Tls11, Tls12, Tls13, Dtls1, Dtls12.
Type: SChannelSslProtocols[]
Parameter Sets: (All)
Aliases:
Accepted values: Ssl2, Ssl3, Tls, Tls11, Tls12, Tls13, DTls1, DTls12
Required: True
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseWhen specified, also set the DisabledByDefault DWORD to 0.
This is an
opt-in behavior to avoid unintentionally changing additional registry
values.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: FalsePrompts you for confirmation before running the cmdlet.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseShows what would happen if the cmdlet runs. The cmdlet is not run.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseThis cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.