📅 June 16, 2025

How To

Alex Ruben

Share:

Link copied!

How To Enable TLS 1.0 and 1.1 on Windows 11 for Improved Security

Getting stuck with older websites or internal tools? Yeah, sometimes Windows just decides to disable TLS 1.0 and 1.1 by default because, well, they’re kinda old and full of security holes. But if you’re dealing with legacy systems or stuff inside your own network that still relies on these protocols, you might need to turn them back on. This process can be a bit dodgy if you mess around in the registry, so best to back things up first. Anyway, here’s how to get TLS 1.0 and 1.1 enabled if you really, really need them—and still keep your system as safe as possible.

How to Enable TLS 1.0 and 1.1 in Windows 11

Access Internet Options in Windows

This is usually the easiest way to toggle TLS versions through a GUI. Of course, some apps rely on registry tweaks, but start here if you wanna keep it simple:

• Open the Start menu.
• Type Internet Options — yep, the classic control panel setting from back in the day — and click on it.

From there, go to the Advanced tab. This is where Windows keeps all those hidden settings about your browser and security protocols.

Enable TLS 1.0 and 1.1 from the Advanced Settings

This method works if your system’s default policies still allow toggling these protocols — because newer Windows versions kinda make it more complicated. Here’s what to do:

1. Inside the Internet Properties window, click on the Advanced tab.
2. Scroll down to the Security section—yep, towards the end of the list. It’s a bit hidden, and sometimes you have to type in your admin password if prompted.
3. Look for Use TLS 1.0 and Use TLS 1.1. Check both boxes.
4. Click Apply and then OK.

This should activate those older protocols, making some older sites or internal apps happy. On some setups, it’s instant; on others, you might need a reboot. Weird stuff, but it kinda works most of the time.

Force Enable via Registry Hacks — Because of course, Windows has to make it harder

If enabling TLS from the GUI doesn’t do the trick—maybe the system policies override your settings or they’re just disabled—then registry edit time. Fair warning: messing with the registry can be dangerous, so do a backup or create a restore point first.

• Press Windows + R to open the Run dialog, then type regedit and hit Enter.
• Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
• If you don’t see TLS 1.0 or TLS 1.1 folders, you’ll need to create them manually. Just right-click on Protocols, choose New -> Key, and name it TLS 1.0. Repeat for TLS 1.1.
• Inside each, right-click, select New -> Key, and create folders called Client and Server.
• For each of these, right-click in the right pane, choose New -> DWORD (32-bit) Value, and call it Enabled.
• Set the Enabled value to 1 by double-clicking on it.

This basically tells Windows to allow those protocols on both client and server sides. Sometimes, after doing this, a reboot is necessary—just to make sure Windows applies all the changes. Weird things happen if you don’t restart, like it ignoring your tweaks.

Extra Tips & Common Pitfalls

• Yeah, enabling TLS 1.0/1.1 increases risk, so only do this if you absolutely need it. Don’t leave them on forever.
• Check your browser settings, especially for Edge or Chrome. Turns out, they might have their own TLS configurations that override Windows settings. Chrome, for example, disables TLS 1.0 and 1.1 by default, even if Windows is set to allow them.
• If it’s still not working, try doing these steps in an elevated PowerShell prompt or run a system restore if things get crazy. Because, why make life harder?

Wrap-up

Getting TLS 1.0 and 1.1 back on Windows 11 is kinda a dance — depends a lot on system policies, browser configs, and whether the registry keys exist. Doing these tweaks carefully can help connect to legacy sites, but just remember, you’re kind of opening a security belt if you leave these protocols enabled. Use them sparingly and disable when you’re done.

Frequently Asked Questions

Why are TLS 1.0 and 1.1 deprecated?

Because they’re old and have known vulnerabilities. Most websites now require TLS 1.2 or above for good reason — they’re safer and less likely to get exploited.

Can enabling these protocols pose a threat?

Yeah, kinda. Enabling outdated protocols opens up your system a little. Only do it if necessary, then turn them off when done. Think of it as a temporary workaround, not a permanent feature.

What if the registry keys aren’t there?

If they don’t exist, just create them as described. The structure matters—don’t forget the Client and Server subkeys inside each protocol folder.

Summary

• Access Internet Options and enable TLS 1.0/1.1 through the Advanced tab
• If needed, tweak the registry to force-enable them
• Remember to restart or log off and on to see changes
• Be cautious about security risks

Final thoughts

Honestly, messing with TLS options on Windows can be a pain — between GUI settings and registry work, it’s kinda messy. But if you really need to connect to old servers or apps, these steps do the trick. Just make sure to disable these protocols again later, so your security doesn’t suffer for too long. Good luck, and hopefully this saves someone a frantic hour or two.

Related Guides:

• Transform Your Windows 11 Context Menu for Enhanced Usability
• Ultimate Guide to Debloating and Setting Up Windows 11 Using WinScript
• How To Reset the Windows 11 Task Manager for Smooth Performance
• How To Resolve Windows 11 Cumulative Update Download and Installation Failures
• How to Restore the Classic Ribbon in Windows 11 File Explorer