配置TLS1.2
提供两种方法, 选择其中一种就行了
1、手动设置
找到HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocols右键->新建->项->新建TLS 1.1,TLS 1.2
TLS 1.1和TLS 1.2 右键->新建->项->新建Server, Client,在新建的Server和Client中都新建如下的项(DWORD 32位值),总共4个
DisabledByDefault [Value = 0]
Enabled [Value = 1]
如图
2、直接导入注册表文件
如下,新建文本文件,将内容复制进去,后缀名改为reg就行,双击导入
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocols]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Client] "DisabledByDefault"=dword:00000000 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.1]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.1Client] "DisabledByDefault"=dword:00000000 "Enable"=dword:00000001 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.1Server] "DisabledByDefault"=dword:00000000 "Enable"=dword:00000001 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.2]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.2Client] "DisabledByDefault"=dword:00000000 "Enable"=dword:00000001 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.2Server] "DisabledByDefault "=dword:00000000 "Enable"=dword:00000001
禁用老SSL配置
打开HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Client 配置如下
DisabledByDefault [Value = 0]
Enabled [Value = 0]