Windows 10 Setting Powershell's default SChannel protocol to TLS1.2 via GPO

  • Thread starter Thread starter BaconBandit
  • Start date Start date
B

BaconBandit

Guest
Hi all,

I apologize if this isn't the correct forum "bucket" for a question like this.

This question relates to Windows 10 Ent (Build 1903), Server 2016 (Build 1607 primarily)


I'm deploying an change/config management application. As part of the deployment, we run a command that invokes a web request from the CM server to download installation files/scripts. Through copious amounts of troubleshooting, I found that Powershell by default uses TLS 1.0. The CM server is configured such that it only negotiates to TLS 1.2. The installation scripts works... IF I use the below string in the Powershell script to set the environment to use TLS 1.2.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Is the a registry setting or ADMX template that I can use to push (ABOVE SETTING) to the whole domain vice including it in scripting? I found a couple forums that referenced in HLKM:SYSTEM\ControlSet001\ and HKLM\Wow6432Node. I'm hesitant to change SChannel Protocols in those locations because I THINK they're for the whole system, not just Powershell.


I don't always post on forums, but when I do I chose technet...

More...
 
Back
Top