Attempting to disable TLS1.0/1.1 on Windows level via GPO

lt flag

As per title, am attempting to disable TLS1.0/1.1 and default to TLS 1.2 instead.

However my registry do not have the below paths:

../Protocols/TLS 1.0/servers
../Protocols/TLS 1.0/clients
../Protocols/TLS 1.1/servers
../Protocols/TLS 1.1/clients
../Protocols/TLS 1.2/servers
../Protocols/TLS 1.2/clients

This is causing my gpupdates to fail as those paths cannot be found. Most resources I have checked either added the keys to each individual server which is not viable in my environment(have about 300VMs & 80 HyperV hosts) or they would just add the registries to the GPO however, those are existing keys.

Are there any ways to create the required keys via the registry in GPO?


Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.