TLS standard authentication protocols helps you to connect securely with websites. Here's how to configure TLS settings in Windows 10.

For communication securities, Windows uses Transport Layer Security (TLS) protocols. With the help of TLS standard level authentication protocols, your Windows system can securely communicate to Internet websites. You can learn more and in detail about TLS on Wikipedia. Mainly there are 3 TLS protocol versions Windows have at the moment. These are TLS 1.0, TLS 1.1 and TLS 1.2 versions.

You can enable or disable either of these TLS protocol versions as per your requirement. There are two ways, in which you can configure TLS protocol settings on your Windows 10. Both ways are mentioned below, try them as per your convenience,

How To Configure TLS Settings In Windows 10

WAY 1 – Via Internet Properties

1. Press W8K + R and type inetcpl.cpl in the Run dialog box, to open Internet Properties.

Internet Explorer Properties

2. In Internet Properties window, switch to Advanced tab. Under Settings, scroll to Security heading. Beneath it, you’ll find Use TLS 1.0, Use TLS 1.1, Use TLS 1.2 options. You can enable/disable these options to allow/prevent corresponding TLS protocol.

How To Configure TLS Settings In Windows 10

3. Once you’re done with your selection, click Apply followed by OK to save your settings.

Now let us see, how to use registry to configure TLS settings on your Windows 10.

WAY 2 – Via Registry

Registry Disclaimer: The further steps will involve registry manipulation. Making mistakes while manipulating registry could affect your system adversely. So be careful while editing registry entries and create a System Restore point first.

1. Press W8K + R and put regedit in Run dialog box to open Registry Editor (if you’re not familiar with Registry Editor, then click here). Click OK.

Windows 10 Registry Editor

2. In left pane of Registry Editor window, navigate to following registry key:


How To Configure TLS Settings In Windows 10

3. Right click Protocols registry key, select New > Key. Name the newly created sub-key as TLS 1.0. Similarly create two sub-keys to TLS 1.0 registry key and name them as Server and Client. Now in the right pane of Client registry key (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client), right click and select New > DWORD Value. Name the newly created registry DWORD (REG_DWORD) as Enabled. Double click on this DWORD to modify its Value data:

How To Configure TLS Settings In Windows 10

4. Finally, set the Value data to 1 to enable TLS 1.0 protocol. Click OK.  If you want to allow TLS 1.0 to server side as well, create Enabled registry DWORD and set it to 1, for Server registry key (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client) as well.

5. You can follow similar way for other TLS protocols such as TLS 1.1 and TLS 1.2 versions. Create TLS 1.1, TLS 1.2 registry sub-keys to Protocols registry key, and then create Client, Server specific registry sub-keys and then add Enabled DWORD to control the corresponding TLS version. Once you’re done, close Registry Editor and make sure to reboot the machine to make changes effective.

TIP: You can configure SSL protocol versions (SSL 2.0, SSL 3.0) in the same way. However, SSL is now deprecated and it is predecessor of TLS. You can create SSL 2.0 and SSL 3.0 registry sub-keys to Protocols (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols) registry key. The proceed similarly for client and server specific registry sub-keys.

In this way, you can configure to TLS settings in Windows 10.

That’s it!

Share this post on Facebook · Twitter.


  • Thanks. For me TLS 1.2 stopped working (failed to receive handshake in all browsers, curls etc…). Tried many things with no luck. Only after manually setting up register values as you mentioned – started working.

  • Kapil Arya

    ^^ Glad to help!

  • Leave a Reply

    Your email address will not be published. Required fields are marked *

    Recent Comments

    • Kapil Arya : ^^ Make sure you typed entire cmdlet correctly. You can directly paste...

      2 days ago

    • Kapil Arya : ^^ You can create batch file of registry manipulation....

      2 days ago

    • Kapil Arya : ^^ Have you tried Network Reset as well?...

      2 days ago

    • Filip : Hi As I insert the command I get the following error. Anybody know ho...

      2 days ago