Steps to Enable TLS 1.1 & 1.2 on Windows OS

Step 1. Install Windows 7 or Server 2008 R2 Service Pack 1.

Make sure that your have installed the Windows Service Pack 1. If not, download and install it from here.

Step 2. Install Windows update KB3140245.

1. According your Windows version and architecture (32 bit or 64bit), download and install KB3140245 from the Microsoft Update Catalog.

2. Restart your PC.

Step 3. Enable TLS 1.1 & TLS 1.2 support in Windows through Registry.

1. Open the Registry Editor. To do that:

• Press Windows + R keys to open the run command box.
• Type regedit & click OK.

2. Navigate to the following path in registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

3a. At the right pane, right-click on an empty space and select New > DWORD (32-bit Value).

3b. Name the new value as: DefaultSecureProtocols.

3c. Now open the DefaultSecureProtocols value, type at value data a00 and click OK.

5. Now, navigate to the following registry path to enable TLS 1.1 & TLS 1.2 on Windows 7:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

6a. On the left pane, right-click at Protocols key and select New > Key.

6b. Name the new key as: TLS 1.1.

6c. Then right-click at TLS 1.1 and select again New > Key.

6d. Name the new key as: Client.

6e. Now, select the Client key and then at the right pane, right-click at an empty space and select New > DWORD (32-bit Value).

6f. Name the new value as: DisabledByDefault.

6g. Finally, open the DisabledByDefault REG_DWORD, enter 0 in the Value Data text box and click OK.

7a. Now, right-click again at the Protocols key on the left and select New > Key.

7b. Name the new key as: TLS 1.2.

7c. Repeat the steps 6c – 6g to create the Client key and then to create the DisabledByDefault REG_DWORD with value 0.

8. When done, close the Registry Editor and restart the PC.