Forum Discussion
TLS 1.3 on Windows Server 2019
Hello,
I tried to enable TLS 1.3 on Windows Server 2019(IIS 10),
for some reason this doesn't work well.
I changed the registry settings to change this
❝
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
❞
I'm wondering if it's possible to leave it enabled and get it to work.
With kind Regards
Mukul Waghmare
- abbodi1406Steel ContributorThey backported TLS 1.3 to build 17763?
i have seen it backported only on 18362 & 19041- itadi406Microsoft
According to my information there is no down level support of TLS 1.3 e.g Server 2019, Server 2016
Officially supported in WIndows Server 2022
https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-
- JohanBarCopper Contributor
Hi
The above registry settings are correct, enable for client and server.
Open a firefox page and click a site certificate. TLS 1.3 will be listed under security.
You should also enable HTTP/2 protocol for IIS (and your own browsing) - blazing fast:
Open your registry editor and navigate to:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Make sure you have the following entries:
EnableHttp2Cleartext REG_DWORD 1
EnableHttp2Tls REG_DWORD 1
Reboot.
HTTP/3 supported in Server 2022. Still checking if it will work in 2019 it uses UDP (burst) 443 with TLS 1.3
Kind regards