Enable Tls 1.2 On Chrome For Macsportfasr


Before you enable TLS 1.2 on any server components, update Windows to support TLS 1.2 for client-server communications by using WinHTTP. If you enable TLS 1.2 on server components first, you can orphan earlier versions of clients.

Applies to: Configuration Manager (Current Branch)

Transport Layer Security (TLS), like Secure Sockets Layer (SSL), is an encryption protocol intended to keep data secure when being transferred over a network. These articles describe steps required to ensure that Configuration Manager secure communication uses the TLS 1.2 protocol. These articles also describe update requirements for commonly used components and troubleshooting common problems.

To enable TLS 1.1 and/or TLS 1.2 protocols on web browsers, see the list below. Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Opera, Apple Safari. Google Chrome Connections are automatically negotiated at the highest grade. If you are using Google Chrome version 22 or greater, TLS 1.1 is automatically supported. TLS 1.1 & 1.2 are automatically enabled from version 29 onwards. Hope this helps! I hope this helps. Feel free to ask back any questions and let me know how it goes.

Enabling TLS 1.2

Configuration Manager relies on a number of different components for secure communication. The protocol that's used for a given connection depends on the capabilities of the relevant components on both the client and server side. If any component is out-of-date or not properly configured, the communication might use an older, less secure protocol. To correctly enable Configuration Manager to support TLS 1.2 for all secure communications, you must enable TLS 1.2 for all required components. The required components depend on your environment and the Configuration Manager features that you use.


Start this process with the clients, especially previous versions of Windows. Before enabling TLS 1.2 and disabling the older protocols on the Configuration Manager servers, make sure that all clients support TLS 1.2. Otherwise, the clients can't communicate with the servers and can be orphaned.

Tasks for Configuration Manager clients, site servers, and remote site systems

To enable TLS 1.2 for components that Configuration Manager depends on for secure communication, you'll need to do multiple tasks on both the clients and the site servers.

Enable TLS 1.2 for Configuration Manager clients

Enable TLS 1.2 for Configuration Manager site servers and remote site systems

Features and scenario dependencies

This section describes the dependencies for specific Configuration Manager features and scenarios. To determine the next steps, locate the items that apply to your environment.

Feature or scenarioUpdate tasks
Site servers (central, primary, or secondary)- Update .NET Framework
- Verify strong cryptography settings
Site database serverUpdate SQL Server and its client components
Secondary site serversUpdate SQL Server and its client components to a compliant version of SQL Server Express
Site system roles- Update .NET Framework and verify strong cryptography settings
- Update SQL Server and its client components on roles that require it, including the SQL Server Native Client
Reporting services point- Update .NET Framework on the site server, the SQL Server Reporting Services servers, and any computer with the console
- Restart the SMS_Executive service as necessary
Software update pointUpdate WSUS
Cloud management gatewayEnforce TLS 1.2
Configuration Manager console- Update .NET Framework
- Verify strong cryptography settings
Configuration Manager client with HTTPS site system rolesUpdate Windows to support TLS 1.2 for client-server communications by using WinHTTP
Software Center- Update .NET Framework
- Verify strong cryptography settings
Windows 7 clientsBefore you enable TLS 1.2 on any server components, update Windows to support TLS 1.2 for client-server communications by using WinHTTP. If you enable TLS 1.2 on server components first, you can orphan earlier versions of clients.

Frequently asked questions

Why use TLS 1.2 with Configuration Manager?

TLS 1.2 is more secure than the previous cryptographic protocols such as SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1. Essentially, TLS 1.2 keeps data being transferred across the network more secure.

Where does Configuration Manager use encryption protocols like TLS 1.2?

There are basically five areas that Configuration Manager uses encryption protocols like TLS 1.2:

  • Client communications to IIS-based site server roles when the role is configured to use HTTPS. Examples of these roles include distribution points, software update points, and management points.
  • Management point, SMS Executive, and SMS Provider communications with SQL. Configuration Manager always encrypts SQL Server communications.
  • Site Server to WSUS communications if WSUS is configured to use HTTPS.
  • The Configuration Manager console to SQL Server Reporting Services (SSRS) if SSRS is configured to use HTTPS.
  • Any connections to internet-based services. Examples include the cloud management gateway (CMG), the service connection point sync, and sync of update metadata from Microsoft Update.

What determines which encryption protocol is used?

HTTPS will always negotiate the highest protocol version that is supported by both the client and server in an encrypted conversation. On establishing a connection, the client sends a message to the server with its highest available protocol. If the server supports the same version, it sends a message using that version. This negotiated version is the one that is used for the connection. If the server doesn't support the version presented by the client, the server message will specify the highest version it can use. For more information about the TLS Handshake protocol, see Establishing a Secure Session by using TLS.

What determines which protocol version the client and server can use?

Generally, the following items can determine which protocol version is used:

  • The application can dictate which specific protocol versions to negotiate.
    • Best practice dictates to avoid hard coding specific protocol versions at the application level and to follow the configuration defined at the component and operating system protocol level.
    • Configuration Manager follows this best practice.
  • For applications written using the .NET Framework, the default protocol versions depend on the version of the framework they were compiled upon.
    • .NET versions before 4.6.3 did not include TLS 1.1 and 1.2 in the list of protocols for negotiation, by default.
  • Applications that use WinHTTP for HTTPS communications, like the Configuration Manager client, depend on the operating system version, patch level and configuration for protocol version support.

Additional resources

Next steps

This removal has been delayed in Stable until Chrome 84. TLS 1.0 and 1.1 were deprecated in Chrome 72 with a planned removal in Chrome 81 (in early 2020). Other browsers are also removing support for TLS 1.0 and 1.1 at this time. Previously, we showed a deprecation warning in DevTools. In M-79, Chrome marked affected sites as 'Not Secure'. In M-84, Chrome will show a full page interstitial warning on sites that do not support TLS 1.2 or higher.


TLS 1.2 was published ten years ago to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then. These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.



Status in Chromium


Network>SSL' target='_blank'>Internals>Network>SSL

Removed (tracking bug) in:

  • Chrome for desktop release 84
  • Chrome for Android release 84

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • Positive
  • Positive
  • Positive
  • No signals

Enable Tls 1.2 On Chrome For Macsportfasr Pc


Search tags


Enable Tls 1.2 On Chrome For Macsportfasr Windows 7

Last updated on 2020-11-14

  • Most Viewed News

    • Game 31: January 2, 2015the Initials Game
    • Box Head 2 Play&& Try The Games
    • Hack Slash Crawlgaming Potatoes