Occasional Visitor

Hello,

 

I tried to enable TLS 1.3 on Windows Server 2019(IIS 10),

for some reason this doesn't work well.

 

I changed the registry settings to change this

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server]

 

"DisabledByDefault"=dword:00000000

 

"Enabled"=dword:00000001

 

I'm wondering if it's possible to leave it enabled and get it to work.

 

With kind Regards

Mukul Waghmare

They backported TLS 1.3 to build 17763?
i have seen it backported only on 18362 & 19041

@abbodi1406 

 

According to my information there is no down level support of TLS 1.3 e.g Server 2019, Server 2016

 

Officially supported in WIndows Server 2022

https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

 

Hi

The above registry settings are correct, enable for client and server.

Open a firefox page and click a site certificate. TLS 1.3 will be listed under security.

You should also enable HTTP/2 protocol for IIS (and your own browsing) - blazing fast:

Open your registry editor and navigate to:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Make sure you have the following entries:
EnableHttp2Cleartext REG_DWORD 1
EnableHttp2Tls REG_DWORD 1
Reboot.

HTTP/3 supported in Server 2022. Still checking if it will work in 2019 it uses UDP (burst) 443 with TLS 1.3

Kind regards

www.000webhost.com