I was working in my lab and wanted to check which TLS versions were enabled on my various machines. You can check the registry for this but I thought of putting a PowerShell script together to achieve this information.
On the first machine, running the script provided the following output:
It showed that TLS 1.1 and TLS 1.2 were enabled. Running this on another machine showed that none were enabled as shown below:
Script
Here is the script that was used to get the information:
# Function to check TLS version
function Test-TlsVersion {
param (
[string]$ComputerName = "localhost"
)
try {
# Test TLS 1.0
$tls10 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls10
# Test TLS 1.1
$tls11 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls11
# Test TLS 1.2
$tls12 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls12
Write-Host "TLS 1.0 Enabled: $($tls10 -ne 0)" -ForegroundColor Green
Write-Host "TLS 1.1 Enabled: $($tls11 -ne 0)" -ForegroundColor Green
Write-Host "TLS 1.2 Enabled: $($tls12 -ne 0)" -ForegroundColor Green
}
catch {
Write-Host "Error: $_" -ForegroundColor Red
}
}
# Check TLS versions on the local machine
Test-TlsVersion
You can copy the script as is and just paste it in PowerShell or PowerShell ISE on any machine and it will give you the output. You can also use the “-ComputerName “ServerName”” switch at the end of the function as well for a remote computer.
Hope it helps.