Citrix Provisioning

Enable secure connection by limiting SQL server to TLS 1.2

Use the information in this section to modify secure connection from the provisioning server to the SQL server to limit it to TLS 1.2. For information on how to configure secure connecion from provisioning server to SQL server, see Enable secure connection from provisioning server to SQL server.

Note:

This implementation is applicable to only the SQL server Database.

To use only TLS 1.2, disable all earlier versions of TLS. The following are the Windows server setting in the registry.

  • HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server Enabled = 0x00000000

  • HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server Enabled = 0x00000000

To disable the earlier versions of TLS, do the following on the SQL server computer:

  1. Create TLS 1.0 and TLS 1.1 keys if they are not present under SecurityProvider\SCHANNEL\Protocols.
  2. Create the server key under each one if it is not present.
  3. Create the Enabled DWORD value under each one if it is not present.
  4. Set the Enabled value to 0x00000000 (false).
  5. Restart the Windows server.

For more information, see TLS registry settings.

Enable secure connection by limiting SQL server to TLS 1.2

In this article