Hi,

When we read about "TLS version enforcement capabilities now available per certificate binding on Windows Server 2019", it sounded perfect.  However we cannot get it to work?  We are on OS Build 17763.914 and when we go to the site binding the screenshot below is all we get.  According to https://docs.microsoft.com/en-us/security/disable-legacy-tls we should also have a disable Legacy TLS checkbox. 

The version of windows server/iis we have is latest as per windows update and is after the version mentioned in the article.  We have also tried to do via "netsh http add sslcert ...", but when we add the argument disablelegacytls=enable it fails, even though it is listed in the help as an argument.

Does something need turning on or setting?  Tried a couple of things, but no luck.

Any hints or assistance much appreciated.

Regards

Paul