Hello,
Is there any way to change the default level of TLS 1.0 for the gateway server? I noticed that once I disable TLS 1.0 in the registry on the gateway server, Windows 7 machines with RDC 8.1 cannot connect to the gateway. However, Win10 machines can still connect. Once I turn TLS 1.0 back on, Win 7 machines can connect great.
So can I have the gateway use a different encryption level?
Let me know if I need to provide more details.
Reference:
https://technet.microsoft.com/en-us/library/dd320345%28v=ws.10%29.aspx
"By default TLS 1.0 is used to encrypt communications between Remote Desktop Services clients and RD Gateway servers over the Internet. TLS is a standard protocol that helps to secure Web communications on the Internet or intranets. For TLS to function correctly, you must install an SSL-compatible X.509 certificate on the RD Gateway server."
**Update:** So it might not be the gateway that handles that handshake between client and gateway. As I mentioned, I tested connecting from a Windows 2012 R2 machine. In the logs, the handshakes were TLS 1.2 all the way. However, on a Win7 machine with RDC 8.1, it drops back to TLS 1.0 on the gateway connection. Not sure why.
Thoughts?
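
The registry settings mentioned in the question can be read on both the gateway and a client to see which TLS versions each side is configured to use. This is an added example, not part of the original post: it assumes the standard SCHANNEL `Protocols` registry layout, and the function name `Get-SchannelProtocolState` is hypothetical.

```powershell
# Added example: read the SCHANNEL protocol settings on the local machine.
# Run it on the RD Gateway server and on a client, then compare the output.
# Assumes the standard SCHANNEL "Protocols" registry layout.
$SchannelBase = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelProtocolState {   # hypothetical helper name
    param(
        [string[]]$Protocol = @('TLS 1.0', 'TLS 1.1', 'TLS 1.2'),
        [string[]]$Role     = @('Client', 'Server')
    )
    foreach ($p in $Protocol) {
        foreach ($r in $Role) {
            $key   = Join-Path (Join-Path $SchannelBase $p) $r
            $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

            # A missing key or value leaves these as $null.
            $enabled  = $null
            $disabled = $null
            if ($props) {
                $enabled  = $props.Enabled
                $disabled = $props.DisabledByDefault
            }

            # Enabled = 0 switches the protocol off for this role;
            # DisabledByDefault = 1 keeps it out of the default offer.
            if ($null -ne $enabled -and $enabled -eq 0) {
                $state = 'Disabled'
            } elseif ($null -ne $disabled -and $disabled -ne 0) {
                $state = 'Disabled by default'
            } elseif ($null -ne $enabled) {
                $state = 'Explicitly enabled'
            } else {
                $state = 'Not configured (OS default applies)'
            }

            New-Object PSObject -Property @{
                Protocol = $p; Role = $r; Enabled = $enabled
                DisabledByDefault = $disabled; State = $state
            } | Select-Object Protocol, Role, Enabled, DisabledByDefault, State
        }
    }
}

Get-SchannelProtocolState | Format-Table -AutoSize
```

The `Server` rows matter on the gateway and the `Client` rows on the connecting machine; a row reported as not configured falls back to that Windows version's built-in default for the protocol.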