2008 R2 TLS 1.2 enabled in registry, rebooted, but not functioning

windows-server-2008-r2 tls iis-7.5

Yes, I rebooted the server. Several times.

This actually affects both TLS 1.1 and 1.2. The only one currently working is 1.0.

I followed the instructions here: http://support.microsoft.com/kb/245030

I've double checked all the names and values; I've had someone else double check all the names and values.

registry

Both Qualys and IE confirm that 1.1 and 1.2 are not functioning for multiple (presumably all) HTTPS-enabled sites on the server.

Any ideas on how to further investigate this would be awesome.

Edit: More screenshots.

registry2

windows-version


Solution 1:

To enable the system to use the protocols that will not be negotiated by default (such as TLS 1.1 and TLS 1.2), change the DWORD value data of the DisabledByDefault value to 0x0 in the following registry keys under the Protocols key:

SCHANNEL\Protocols\TLS 1.1\Client

SCHANNEL\Protocols\TLS 1.1\Server

SCHANNEL\Protocols\TLS 1.2\Client

SCHANNEL\Protocols\TLS 1.2\Server

Try adding that to both TLS 1.1 and 1.2 under the Server key like you have it in the Client keys.

Related

Linux truncate file
Postfix Connection Timed out
Apache upgrade strategy
debian mysql auto daily backuping
How to fix Windows 2008 R2 BOOTMGR is missing
Redirect to www subdomain via DNS
Denying access to all files except index.html apache
Postfix: whitelist host for specific sender
free reports bogus amount of swap used
Domain computers with no specific user?
Modify Nginx 301 response body
CPU/RAM upgrade for HP Proliant ML350 G5