TLS 1.3 is the latest security protocol that improves upon TLS 1.2 in terms of security and performance. TLS 1.3 is still not widely used for all apps installed in Windows 10.
Click here to learn more about which TLS versions should be used when connecting to an ASUSTOR NAS.
Windows 11 has TLS 1.3 enabled by default, the settings are not required to change in Windows 11.
TLS 1.3 is not enabled in Windows 10 by default. If you are using network apps that require or support TLS 1.3, you should enable TLS 1.3 in Windows 10.
In Windows 10, click [Search] on the [Taskbar].
Enter [regedit] and then you will find [Registry Editor] here.
Click on [Open].
Enable TLS 1.3:
Find the following path in the left panel of the Registry Editor: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
Double-click on [Enabled].
In the [Value data] field, change the value to [1] and click [OK].
Note: If you cannot find the above path in Windows 10, please right-click on the right panel according to this path, create [TLS 1.3] and [Client] key path in turn, and then create 2 DWORD (32-bit) values [DisabledByDefault] and [Enabled] with default value 0.
You can click here to download the Windows registration file to create the key path and default value, and then modify it. (MD5: b003f9e7fd0b825fafd02f915d7de0ca)
However, if some apps you are using in Windows 10 do not support TLS 1.3, the apps possibly do not work properly by TLS 1.3 is enabled, and you should disable TLS 1.3 in Windows 10.
Disable TLS 1.3:
Find the following path in the left panel of the Registry Editor: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
Double-click on [Enabled].
In the [Value data] field, change the value to [0] and click [OK].
Open the 'Run' Windows by inputting 'Win + R' and type 'regedit' to execute 'Registry editor'. Browse to 'Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client' and double-click on 'Enabled'. In the 'Value data' field, change the value to '1' and select 'OK'.
Open the 'Run' Windows by inputting 'Win + R' and type 'regedit' to execute 'Registry editor'. Browse to 'Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client' and double-click on 'Enabled'. In the 'Value data' field, change the value to '1' and select 'OK'.
TLS 1.3 is supported starting in Windows 11 and Windows Server 2022. Enabling TLS 1.3 on earlier versions of Windows is not a safe system configuration.
Find the following path in the left panel of the Registry Editor: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
Double-click on [Enabled].
In the [Value data] field, change the value to [0] and click [OK].
Open registry on your server by running regedit in the run window. Navigate to the below location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols . Now change DWORD values under Server and Client under TLS 1.0: DisabledByDefault [Value = 0] and Enabled [Value = 0] .
There are several ways to check TLS version on Windows Server. However, using the IISCrypto tool to check the SSL/TLS protocols is the easiest way. Download and run IISCrypto and go to the Protocols tab. If you don't see TLS 1.3 in the enabled protocols list, you will need to enable it manually.
-Press the Windows key + R to start Run, type regedit, and press Enter or click OK. -If you can't find any of the keys or if their values are not correct, then TLS 1.2 is not enabled. I hope this information helps.
In a nutshell, TLS 1.3 is faster and more secure than TLS 1.2. One of the changes that makes TLS 1.3 faster is an update to the way a TLS handshake works: TLS handshakes in TLS 1.3 only require one round trip (or back-and-forth communication) instead of two, shortening the process by a few milliseconds.
To enable TLS 1.3, you can use the Registry Editor on your Windows Server. You will need to navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3 key. If this key does not exist, you can create it. Under the TLS 1.3 key, create a subkey named "Server".
The fix is easy: In the windows search box, near the Windows Start button, type Internet Options. Open the result Internet options - control panel. Then click the Advanced tab. Scroll down in the long list to security and make sure use TLS 1.2 is checked.
In the Internet Options window on the Advanced tab, under Settings, scroll down to the Security section. In the Security section, locate the Use SSL and Use TLS options and uncheck Use SSL 3.0 and Use SSL 2.0. If they are not already selected, check Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2.
If you are running Windows 10 or 11, follow these steps below to do this thing: Step 1: Press Win + I to open Run, type inetcpl.cpl, and click OK to open the Internet Properties window.Step 2: Under the Advanced tab, scroll down to find Use TLS 1.2.
Address: 743 Stoltenberg Center, Genovevaville, NJ 59925-3119
Phone: +2202978377583
Job: Administration Engineer
Hobby: Surfing, Sailing, Listening to music, Web surfing, Kitesurfing, Geocaching, Backpacking
Introduction: My name is Rubie Ullrich, I am a enthusiastic, perfect, tender, vivacious, talented, famous, delightful person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.