TLS, or Transport Layer Security, is a security protocol designed with two goals in mind: maintaining privacy and data security on the internet. Whether it is an email sent from the computer to the server, a web browser loading a website, or VoIP, TLS can encrypt it. If you know what SSL is, then TLS is an evolution of it. It is interesting to note that HTTPS is the implementation of TLS on top of the HTTP protocol.
What is new with TLS 1.3?
TLS 1.3 aims to make sure less user information is available in plain text. It uses three cipher suites to achieve that. In earlier versions of TLS, client authentication exposed client identity unless renegotiation was made. This is always confidential in TLS 1.3. Applications and servers will have to start implementing and honoring the new security protocol, but as of now, it is not in a strict mode. If the browser supports it but the website does not, the connection will fall back to the next available TLS version.
Enable or disable TLS 1.3 in Windows 11/10
While Windows offers TLS, it is up to each application whether it uses the Windows stack or its own. For example, Chrome doesn’t use the Windows TLS layer. That said, for TLS to work, it has to be enabled on both the client and the server. For those using Windows Server, TLS 1.3 is enabled by default in IIS/HTTP.SYS. In Windows 10, this starts with Insider Preview Build 20170.
- Enable TLS in Microsoft Edge (Chromium)
- Enable TLS on Microsoft Edge Legacy
- Enable TLS 1.3 in Chrome Browser
- Enable TLS 1.3 in Firefox
Once you enable the settings, you should restart the browser for TLS 1.3 to take effect. Be aware that this feature is still rolling out to all browsers, and may show up in your browser a little late.
1] Enable TLS in Microsoft Edge (Chromium)
This version of Edge is built on the Chromium engine, which does not use the Windows TLS stack. You will have to configure it independently using the edge://flags page.
- In a new tab in Edge, type edge://flags
- Search for TLS 1.3 and enable the settings
Remember, it is still in an experimental stage, as it is deployed to Windows 10 Insider builds first and will then get a broader rollout. So if you don’t want to use it, you can use other browsers that use their own TLS 1.3 stack.
2] Enable TLS on Microsoft Edge Legacy
- Type inetcpl.cpl in the Run prompt (Win + R) and press the Enter key
- It will open the Internet Properties window. Switch to the Advanced section
- Under the Security section, check the box next to TLS 1.3
- Restart the browser
3] Enable TLS 1.3 in Chrome Browser
Since Chrome and Edge both use the Chromium engine, you can enable or change the setting the same way with Chrome flags.
- Type chrome://flags in a new tab in Chrome, and press the Enter key.
- Search for TLS 1.3, and enable the settings
You will notice that the settings are enabled by default for Chrome. Something similar will happen eventually for all browsers.
4] Enable TLS 1.3 in Firefox
- Launch Firefox, type about:config in a new tab, and press the Enter key.
- It will open the configuration area with a search box.
- Locate the security.tls.version.max flag, and double-click to edit the value
- Change the value from 3 to 4.
- Restart the Firefox browser
I hope the post was easy to follow, and if you plan to use TLS, you can enable it in Windows and in all supported browsers. If you wish to disable it, change the value to three.
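The Firefox change can also be confirmed on disk, because values edited in about:config are saved as user_pref lines in the profile's prefs.js file. The Python function below is an added example, not part of the original post: it audits the text of such a file, using the integer codes 3 (TLS 1.2) and 4 (TLS 1.3) from the steps above. The name audit_tls_prefs, the default bounds and the sample profile are assumptions constructed for illustration, and the check of security.tls.version.min goes beyond what the post covers.

```python
import re

# Firefox stores TLS bounds as integer codes; the post's "3 to 4" is TLS 1.2 -> TLS 1.3.
TLS_CODES = {1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2", 4: "TLS 1.3"}

# Matches active lines such as: user_pref("security.tls.version.max", 4);
# Lines commented out with // do not match because of the ^\s* anchor.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"security\.tls\.version\.(min|max)"\s*,\s*(-?\d+)\s*\)\s*;',
    re.MULTILINE,
)

def audit_tls_prefs(prefs_text, default_min=3, default_max=4):
    """Audit the text of a Firefox prefs.js or user.js file.

    default_min/default_max are assumptions about the browser's built-in
    defaults, used when the file does not override a pref.
    Returns (bounds, findings): effective integer bounds and a list of issues.
    """
    bounds = {"min": default_min, "max": default_max}
    for which, value in PREF_RE.findall(prefs_text):
        bounds[which] = int(value)  # the last occurrence in the file wins
    findings = []
    for which in ("min", "max"):
        if bounds[which] not in TLS_CODES:
            findings.append(f"{which}={bounds[which]} is not a known version code")
    if bounds["max"] in TLS_CODES and bounds["max"] < 4:
        findings.append(f"TLS 1.3 is off: max is {TLS_CODES[bounds['max']]}")
    if bounds["min"] in TLS_CODES and bounds["min"] < 3:
        findings.append(f"deprecated {TLS_CODES[bounds['min']]} is still accepted")
    if bounds["min"] > bounds["max"]:
        findings.append("min is above max, which is not a valid range")
    return bounds, findings

# Constructed sample profile: max still capped at 3, plus a commented-out line.
SAMPLE_PREFS = '''
user_pref("browser.startup.page", 3);
// user_pref("security.tls.version.max", 4);
user_pref("security.tls.version.max", 3);
user_pref("security.tls.version.min", 1);
'''

if __name__ == "__main__":
    bounds, findings = audit_tls_prefs(SAMPLE_PREFS)
    print(bounds)
    for line in findings:
        print("-", line)
```

To audit a real profile, pass the contents of its prefs.js (read while Firefox is closed) to audit_tls_prefs.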
How to check if TLS 1.3 is enabled correctly?
You can use Cloudflare’s Browsing Experience Security Check to know if TLS 1.3 is enabled by default.
Once on the page, press the Check My Browser button, and it will reveal details such as Secure DNS, DNSSEC, TLS 1.3, and Encrypted SNI.