Disable old Ciphers, SSL 3.0, TLS 1.0 and enable TLS 1.1 and 1.2 on all site systems
On all SCCM 2012 site servers and systems, I want to disable old Ciphers, SSL 3.0, TLS 1.0 and enable TLS 1.1 and 1.2.
Triple DES 168
Triple DES 168/168
K Fernandez commented
Is their documentation for SCCM 2012 environments?
Is this backward compatible for SCCM 1606 LTSB? Doesn't appear to be based on my testing. Running Server 2016 and SQL Server 2016.
Paul Faulkner commented
The TechNet article for enabling TLS 1.2 is really good, but it doesn't work with anything older than version 1702. I even logged a call with Premier Support and after a lot of testing they agreed with me, and said they would feed back to the product team.
The instructions work fine with 1706, but not 1702 therefore the "applies to" section of the article needs to be updated.
if you are using Forefront Endpoint Protection, 3DES and TLS 1.0 is needed for the updates. I am not using WSUS for updates but rather file share