TLS 1.0 detected by an installer?

21 views
Skip to first unread message

Kurt Buff

unread,
Sep 3, 2025, 2:22:58 PM (2 days ago) Sep 3
to ntsys...@googlegroups.com
We're gearing up to roll out a new application which complains and requires manual intervention if it detects TLS 1.0 is active during installation. 

I've got a longstanding GPO that turns off TLS 1.0, and examining the registry shows the settings are applied to a test workstation:
image.png

image.png

An nmap scan from my workstation against this test machine shows RDP with only 1.2 and 1.3. ( nmap --script ssl-enum-ciphers <machine> )

The installer is still complaining about detecting TLS 1.0 - are there any further tests or checks I can perform before going back to the vendor and filing a bug report?

Kurt

Charles F Sullivan

unread,
Sep 3, 2025, 2:43:50 PM (2 days ago) Sep 3
to ntsys...@googlegroups.com
You are doing exactly what I've been doing, the settings and the testing using NMap. I hate to ask, but did you reboot after the change?

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7Jv7Fv%3D1M0pOHCtjqSEbPmHh4vZu5NRFEeBx4r61-gyA%40mail.gmail.com.


--

Charlie Sullivan

Principal Windows Systems Administrator

Kurt Buff

unread,
Sep 3, 2025, 3:56:51 PM (2 days ago) Sep 3
to ntsys...@googlegroups.com
What is this reboot you speak of?

Sigh, yes, but I don't know why - the GPO was applied prior to the August MSFT updates, so it should have picked it up.

I am good to go.

Kurt

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CAEuHzzmJmMbUtz6pQ8VAjCvmx8C1N%2BsHpKirxTE-gZ%3DXH4i2Jw%40mail.gmail.com.

Jim Behning

unread,
Sep 4, 2025, 11:17:41 AM (16 hours ago) Sep 4
to ntsys...@googlegroups.com
I did the same group policies for disabling tls 1.0 and 1.1. Spent a few days updating firmware in printers and turning of tls 1.0 and 1.1. I think I have another dozen or more printers to go. I had 6 days off and lost track of that project.

 All this from an internal scan for HIPAA. I am learning more than I want to know about my network. 😉

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce4f7x6sxWgtv482U8fOgwXBD_1V1mwf1ktnqPyJxVB%2BLw%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages