Forum Discussion

Mukul_Waghmare's avatar
Mukul_Waghmare
Copper Contributor
Jan 06, 2021

TLS 1.3 on Windows Server 2019

Hello,

 

I tried to enable TLS 1.3 on Windows Server 2019(IIS 10),

for some reason this doesn't work well.

 

I changed the registry settings to change this

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server]

 

"DisabledByDefault"=dword:00000000

 

"Enabled"=dword:00000001

 

I'm wondering if it's possible to leave it enabled and get it to work.

 

With kind Regards

Mukul Waghmare

  • abbodi1406's avatar
    abbodi1406
    Steel Contributor
    They backported TLS 1.3 to build 17763?
    i have seen it backported only on 18362 & 19041
  • JohanBar's avatar
    JohanBar
    Copper Contributor

    Hi

    The above registry settings are correct, enable for client and server.

    Open a firefox page and click a site certificate. TLS 1.3 will be listed under security.

    You should also enable HTTP/2 protocol for IIS (and your own browsing) - blazing fast:

    Open your registry editor and navigate to:
    Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
    Make sure you have the following entries:
    EnableHttp2Cleartext REG_DWORD 1
    EnableHttp2Tls REG_DWORD 1
    Reboot.

    HTTP/3 supported in Server 2022. Still checking if it will work in 2019 it uses UDP (burst) 443 with TLS 1.3

    Kind regards

Resources