Enable TLS 1.2 on Windows 2008 for 32-bit applications

Question

I'm trying to enable TLS 1.2 for outgoing connections from a classic ASP site running on IIS. I have tried adding the registry settings outlined in the questions below but this hasn't helped.

Check if Windows Server 2008R2 can use TLS 1.2 How do I disable TLS 1.0 without breaking my IIS/ASP.NET websites?

The app pool for this site has Enable 32-bit applications set to True. I noticed that if I create a new site and set Enable 32-bit applications to False then outbound traffic from the test site uses TLS 1.2.

score 0 · Answer 1 · answered Sep 10 '18 at 18:36

0

Windows Server 2008 requires an update to enable support for TLS 1.1/1/2:

https://support.microsoft.com/en-us/help/4019276/update-to-add-support-for-tls-1-1-and-tls-1-2-in-windows

RDS support for TLS 1.1/1.2 Windows 2008 R1 SP2
https://support.microsoft.com/en-us/help/4074621/add-rds-support-for-tls-1-1-and-tls-1-2-in-windows-server-2008-sp2

answered Sep 10 '18 at 18:36

Greg Askew

35,880
5
54
82

Just to clarify, setting the app pool to Enable 32-bit Applications = False allows outbound TLS 1.2 connections. My specific issue seems to be concerned with when 32-bit applications are enabled. – Ged Sep 11 '18 at 06:56

score 0 · Answer 2 · answered Nov 21 '18 at 13:39

0

I ended up using MITMProxy to bump up the traffic from TLS 1.0 to TLS 1.2.

answered Nov 21 '18 at 13:39

Ged

1
1
3

Enable TLS 1.2 on Windows 2008 for 32-bit applications

2 Answers2