Skip Ribbon Commands
Skip to main content

Xadean's Empirical Musing


Quick Launch

Xadean's Empirical Musing > Posts > Enable TLS 1.1 & 1.2 as Default Secure Protocols in WinHTTP
May 28
Enable TLS 1.1 & 1.2 as Default Secure Protocols in WinHTTP

Reference Links:


The setting in the graphic is INCORRECT (this setting enables TLS 1.0, 1.1, and 1.2).  The CORRECT setting is 0x00000a00 (2560), which is Hex 0200 + Hex 0800 to enable TLS 1.1 & 1.2.


The registry value is a DWORD bitmap. The value to use is determined by adding the values corresponding to the protocols desired. 

DefaultSecureProtocols Value

Protocol enabled


Enable SSL 2.0 by default


Enable SSL 3.0 by default


Enable TLS 1.0 by default


Enable TLS 1.1 by default


Enable TLS 1.2 by default

For example:

The administrator wants to override the default values for WINHTTP_OPTION_SECURE_PROTOCOLS to specify TLS 1.1 and TLS 1.2.

Take the value for TLS 1.1 (0x00000200) and the value for TLS 1.2 (0x00000800) then add them together in calculator (in programmer mode), the resulting registry value would be 0x00000A00.


There are no comments for this post.

Add Comment


Body *