Error while trying to install Node, and its related programs, and apparently because I can't get TLS 1.2 support in Windows 7

Question

I tried to install Node, plus any extra tools it optionally 'needs' which apparently included "Chocolatey".

("Chocolatey" is a poorly named package manager. The developer of it saw that Visual Studio IDE has NuGet, he thought it'd be good if Windows had a package manager, just as unix-based OSs have package managers like debian has apt-get or osx has brew and macports, and he made one for windows called - "Chocolatey" as his joke, and it has some growing amount of software it supports. e.g. I see you can do choco install vlc to install VLC media player. I don't know what software Node would use it to install but anyhow)

I tried to install Node and I think I ticked the box for it to install other software that it needs. It required me to close all my programs, which I did.

I got this error during the install

I searched that error "Exception calling "DownloadString" with "1""

And I got this https://chocolatey.org/docs/troubleshooting

"If you see the following: Exception calling "DownloadString" with "1" argument(s): "The request was aborted: Could not create SSL/TLS secure channel." then you are likely running an older machine that needs to be upgraded to be able to use TLS 1.2 at a minimum."

I find that strange, since TLS 1.2 was released a long while back as seen on this page. https://kinsta.com/knowledgebase/tls-vs-ssl/ TLS 1.2 was released in 2008. I'd be surprised if Windows 7 doesn't support it, since Windows 7 only reached end of life Jan 2020. Even TLS 1.3 was released in 2018.

When searching the error, I found this page https://support.cybersource.com/s/article/How-do-I-enable-TLS-1-2-on-Windows-7

It mentioned certain registry keys that it says I needed.

According to https://chocolatey.org/blog/remove-support-for-old-tls-versions

While your operating system may support TLS 1.2 it's important to remember that it may have to be enabled. If you are working from

PowerShell you can find out which protocols your system supports by running this code:

[Enum]::GetNames([Net.SecurityProtocolType]) -contains 'Tls12'
Copy
If the result is True then your system supports TLS 1.2.

And it then goes on to say if it is supported how to check if it is being used.

But for me

TLS 1.2 shows as not supported

PS C:\Users\User>  [Enum]::GetNames([Net.SecurityProtocolType]) -contains 'Tls12'
False

I saw this page https://support.cybersource.com/s/article/How-do-I-enable-TLS-1-2-on-Windows-7

And made this reg file

Windows Registry Editor Version 5.00



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000

I notice I have a key (folder on the left hand side), in regedit called SSL 2.0 Not sure what, if anything, should be in there

I tried restarting but still running the mentioned powershell command gave false, indicating TLS 1.2 not supported.

Answer 1

You need add these values to yours register keys:

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord 

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord 

They were took from Sanjeev Kumar's answer in node.js installation error in windows 10 in vscode ... and worked for me.