Apr 08 2019 11:45 AM
TLS 1.3 is a very needed feature for those in corporate environments for our public facing websites. The speed advantages are immense in larger sites with no caching
Jul 11 2019 09:28 AM - edited Jul 11 2019 09:38 AM
Hmm, I added the policy key and restarted all browser session SSL test = no change, TLS 1 to 1.3 as yes.
I used command line msedge.exe --ssl-version-min=tls1.2 and it still tests with 1.0 as yes
EDITED It took a full computer restart and then this worked.
Opened InPrivate tab still tests as yes for 1.0. I have successfully set policy key for regular Chrome (\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\SSLVersionMin) and it was detected and works as expected.
I'll just have to create a shortcut using "msedge.exe --ssl-version-min=tls1.2"Any other suggestions?
Jul 12 2019 08:59 AM
Jul 12 2019 09:43 AM
@Eric_Lawrence Can we had a way (in entreprise) like they do in firefox to reject tls 1.0 and 1.1 and other weak cipher suite ?
Jul 12 2019 10:09 AM
Jul 12 2019 10:12 AM - edited Jul 12 2019 10:13 AM
i was trying --cipher-suite-blacklist i doesn't know it was denylist now
edit: thanks
Jul 12 2019 12:40 PM
Opened the URL you gave and read that.
Win key + R key, Entered regedit clicked OK.
navigated to
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies
Add New Key Chromium
Then in that key add a String value named SSLVersionMin
set the value of that to tls1.2
This is the same process I followed to get the Chrome browser shown below to work. Except it is in the Chrome Key under Google.
Is there supposed to be a another Parent key in between named something like MSEdge ? ie. Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\MSEdge\Chromium ?
Jul 12 2019 12:48 PM
Jul 12 2019 01:03 PM
Jan 04 2020 11:46 AM
It is nice that Edge and Windows 10 and 2019 support TLS 1.3.
However some Windows Update Servers (like fe2.update.microsoft.com on their IPv6 addresses) only support those Ciphers that are known to be weak. Disabling those ciphers in Windows 10 or 2016/2019 breaks Windows Update functionality. So more security actually turns into less security.