![]() Transport Layer Security (TLS) is a critical cryptographic protocol that provides authentication and data encryption between different endpoints (for example, the user’s desktop and the application server) and secures HTTPS. Required Configurations for On-Premise/Local Systems.Ex Libris Higher Education Platform APIs TLS 1.0 and 1.1 deprecation.$x86SystemDefaultTlsVersions = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Microsoft\. $圆4SystemDefaultTlsVersions = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v7 " -Value "SystemDefaultTlsVersions ") -eq 1 If( ( $cipher1 -band 0x00000800) -ne 0 -and ( $cipher2 -band 0x00000800) -ne 0 )įunction Get-NETFramework35SystemDefaultTlsState $cipher2 = Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp " -Value "DefaultSecureProtocols " $cipher1 = Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp " -Value "DefaultSecureProtocols " If ( $圆4SchUseStrongCrypto -and $x86SchUseStrongCrypto) $x86SchUseStrongCrypto = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Microsoft\.NETFramework\v9 " -Value "SchUseStrongCrypto ") -eq 1 ![]() $圆4SchUseStrongCrypto = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v9 " -Value "SchUseStrongCrypto ") -eq 1 $x86SchUseStrongCrypto = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Microsoft\.NETFramework\v7 " -Value "SchUseStrongCrypto ") -eq 1 $圆4SchUseStrongCrypto = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v7 " -Value "SchUseStrongCrypto ") -eq 1 $secureProtocols = Get-RegistryKeyValue -Computer $Computer -Hive CurrentUser -Key "Software\Microsoft\Windows\CurrentVersion\Internet Settings " -Value "SecureProtocols " If( -not ( $clientEnabled -and $clientDisabled -and $serverEnabled -and $serverDisabled) )įunction Get-InternetExplorerSecureProtocolState $serverDisabled = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ $ProtocolVersion\Server " -Value "DisabledByDefault ") -eq 0 $serverEnabled = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ $ProtocolVersion\Server " -Value "Enabled ") -eq 1 $clientDisabled = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ $ProtocolVersion\Client " -Value "DisabledByDefault ") -eq 0 $clientEnabled = ( Get-RegistryKeyValue -Computer $Computer -Hive LocalMachine -Key "System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ $ProtocolVersion\Client " -Value "Enabled ") -eq 1 ( Test-RegistryKeyExists -Computer $Computer -Hive LocalMachine -Key "System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ $ProtocolVersion\Server ") ) If( ( Test-RegistryKeyExists -Computer $Computer -Hive LocalMachine -Key "System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ $ProtocolVersion\Client ") -and Write-Verbose -Message " $ ( Get-Date ) - Getting key value ' $value' on ' $Computer' " Write-Error "Error opening registry on $Computer. Write-Error "Unable to open registry on $Computer " ![]() Write-Verbose -Message " $ ( Get-Date ) - Opening registry key ' $key' on ' $Computer' " ![]() $registry = ::OpenRemoteBaseKey( $Hive, $Computer ) Write-Verbose -Message " $ ( Get-Date ) - Opening registry on ' $Computer' " $dataAdapter = New-Object ( $Query, $connectionString) $connectionString = "Data Source= $DatabaseServer Initial Catalog= $DatabaseName Integrated Security=True Enlist=False Connect Timeout=5 " # This script automates the checks outlined in the KB articles to enable TLS 1.2 for SharePoint 201xĪdd-PSSnapin -Name " " -ErrorAction Silentl圜ontinueĪdd-Type -TypeDefinition enum Get-DataTable ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |