In this article, we’ll briefly describe How to disable TLS for Thinfinity® Workspace.
To do so, we will have to access the Registry Editor. To access the Registry Editor, In the search box on the taskbar, type “regedit”. Then, select the top result for the Registry Editor (Desktop app).
It will look like something like this:
Once in there, you will have to follow the path indicated and perform the following.
TLS 1.0
This subkey controls the use of TLS 1.0.
For TLS 1.0 default settings, see Protocols in the TLS/SSL (Schannel SSP).
Registry path: HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
To disable TLS 1.0 for client or server, change the DWORD value to 0. If an SSPI app requests to use TLS 1.0, it will be denied.
To disable TLS 1.0 by default, create a DisabledByDefault entry and change the DWORD value to 1. If an SSPI app explicitly requests to use TLS 1.0, it may be negotiated.
The following example shows TLS 1.0 disabled in the registry:
TLS 1.1
This subkey controls the use of TLS 1.1.
For TLS 1.1 default settings, see Protocols in the TLS/SSL (Schannel SSP).
Registry path: HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
To disable TLS 1.1 for client or server, change the DWORD value to 0. If an SSPI app requests to use TLS 1.1, it will be denied.
To disable TLS 1.1 by default, create a DisabledByDefault entry and change the DWORD value to 1. If an SSPI app explicitly requests to use TLS 1.1, it may be negotiated.
The following example shows TLS 1.1 disabled in the registry:
TLS 1.2
This subkey controls the use of TLS 1.2.
For TLS 1.2 default settings, see Protocols in the TLS/SSL (Schannel SSP).
Registry path: HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
To disable TLS 1.2 for client or server, change the DWORD value to 0. If an SSPI app requests to use TLS 1.2, it will be denied.
To disable TLS 1.2 by default, create a DisabledByDefault entry and change the DWORD value to 1. If an SSPI app explicitly requests to use TLS 1.2, it may be negotiated.
The following example shows TLS 1.2 disabled in the registry:
After performing these changes, it will be necessary to restart your machine.