Hi All
Is there any way to force the RDS of Windows server 2008 SP2 to use TLS1.1 or 1.2?
Microsoft has released an update to add TLS1.1&1.2 support for RDS of Windows server 2008 SP2, we can safely disable TLS1.0 without breaking RDP connection after installed this update. However, since many other applications on server still need to use TLS1.0, we have to remain TLS1.0 for other applications and force RDS to use TLS1.2 to meet PCI DSSv3.2 policy.
As checked RDP-TCP property with "tsconfig", there is only 3 options for security layer(RDP security layer/Negotiate/SSL/TLS1.0) and cannot set TLS1.1 or 1.2 here.
Is there any way to set it in registry, group policy or other places?
https://support.microsoft.com/en-us/help/4074621/add-rds-support-for-tls-1-1-and-tls-1-2-in-windows-server-2008-sp2.