I was working in my lab and wanted to check which TLS versions were enabled on my various machines. You can check the registry for this but I thought of putting a PowerShell script together to achieve this information.

On the first machine, running the script provided the following output:

Script showing TLS versions enabled on a server

It showed that TLS 1.1 and TLS 1.2 were enabled. Running this on another machine showed that none were enabled as shown below:

Script showing TLS versions not enabled on a server


Here is the script that was used to get the information:

# Function to check TLS version
function Test-TlsVersion {
    param (
        [string]$ComputerName = "localhost"

    try {
        # Test TLS 1.0
        $tls10 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls10

        # Test TLS 1.1
        $tls11 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls11

        # Test TLS 1.2
        $tls12 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls12

        Write-Host "TLS 1.0 Enabled: $($tls10 -ne 0)" -ForegroundColor Green
        Write-Host "TLS 1.1 Enabled: $($tls11 -ne 0)" -ForegroundColor Green
        Write-Host "TLS 1.2 Enabled: $($tls12 -ne 0)" -ForegroundColor Green
    catch {
        Write-Host "Error: $_" -ForegroundColor Red

# Check TLS versions on the local machine

You can copy the script as is and just paste it in PowerShell or PowerShell ISE on any machine and it will give you the output. You can also use the “-ComputerName “ServerName”” switch at the end of the function as well for a remote computer.

Hope it helps.


    Discover more from Everything-PowerShell

    Subscribe now to keep reading and get access to the full archive.

    Continue reading