Windows – How to set TLS protocols as default after applying KB3140245

Tags: security, ssl, windows, windows-7, windows-registry

This question is about the instructions for Windows update KB3140245 on a 64-bit Windows 7 machine.

Microsoft released this update some time ago that "allows users to change system-wide default protocols for WinHTTP and hardcodes Webio default protocols to include TLS 1.1 and TLS 1.2", as explained in the KB article.

Setting TLS as default would probably be useful to help mitigate security problems with SSL.

This question is about this part of the knowledge article:

The DefaultSecureProtocols registry entry can be added in the following path:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

On x64-based computers, DefaultSecureProtocols must also be added to
the Wow6432Node path:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

The registry value is a DWORD bitmap. The following values can be used
in any combination to enable multiple protocols by default:

…or more specifically, the parts of the instructions highlighted in red in the image below:

[Image: Microsoft KB instructions]

Firstly, the instructions seem to imply that the user can enter multiple DWORD values named DefaultSecureProtocols in combination, but that is not possible (value names must be unique under a particular key).

Secondly, the (hexadecimal) values displayed in the KB article are too long (it is not possible to enter them as given in the registry editor), as shown in the image below:

[Image: Windows registry editor]

So the question I would like to ask is:

Given the limitations of DWORD registry values, how can the three values displayed for TLS 1.0, TLS 1.1, and TLS 1.2 be entered in combination?

Best Answer

Together with @Moab's suggestion (to get the DEC values), you can edit it in the registry via a simple call to reg.exe:

reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp" /V "DefaultSecureProtocols" /T REG_DWORD /D 2560 /F

This sets it to 0x00000A00.
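The answer above writes one decimal value to one key; on x64 the KB also calls for the Wow6432Node key. The following PowerShell script is an added example, not part of the original answer: it builds the bitmap by OR-ing the per-protocol flags documented in KB3140245, writes it to both paths the KB names, and reads it back so you can decode which protocols each key now enables. It assumes an elevated prompt; the protocol set in $Enabled is a choice you make, not something the page prescribes.

```powershell
# Added example (not from the original Q&A). Flag values are the ones documented
# in KB3140245 for the DefaultSecureProtocols DWORD bitmap.
$Protocols = @{
    'SSL 2.0' = 0x00000008
    'SSL 3.0' = 0x00000020
    'TLS 1.0' = 0x00000080
    'TLS 1.1' = 0x00000200
    'TLS 1.2' = 0x00000800
}

# Protocols to enable. TLS 1.1 + TLS 1.2 gives 0x00000A00 (2560), the value used
# in the answer above; add 'TLS 1.0' only if a peer you must talk to still needs it.
$Enabled = 'TLS 1.1', 'TLS 1.2'

# A single DWORD carries the whole set: combine the flags with bitwise OR.
$Mask = 0
foreach ($name in $Enabled) { $Mask = $Mask -bor $Protocols[$name] }
"DefaultSecureProtocols = 0x{0:X8} ({1} decimal)" -f $Mask, $Mask

# Native key always; the Wow6432Node key only exists (and matters) on x64.
$Paths = @('HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp')
if ([Environment]::Is64BitOperatingSystem) {
    $Paths += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp'
}

foreach ($path in $Paths) {
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    # -Force overwrites an existing value instead of failing on it.
    New-ItemProperty -Path $path -Name 'DefaultSecureProtocols' -PropertyType DWord `
        -Value $Mask -Force | Out-Null
}

# Read back and decode each key, so the check is on what the registry holds,
# not on what the script intended to write.
foreach ($path in $Paths) {
    $value = (Get-ItemProperty -Path $path -Name 'DefaultSecureProtocols').DefaultSecureProtocols
    $on = $Protocols.GetEnumerator() |
          Where-Object { ($value -band $_.Value) -ne 0 } |
          Sort-Object Value | ForEach-Object { $_.Key }
    "{0}`n  0x{1:X8} -> {2}" -f $path, $value, ($on -join ', ')
}
```

The decode step is the useful part when auditing a machine someone else configured: any bit set for SSL 2.0 or SSL 3.0 shows up by name rather than as an opaque number.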
