I found some code to disable TLS, TLS1.1 & SSL3 but it is throwing a couple of errors I can’t figure out.
# Define the list of protocols to be disabled
$DisabledProtocols = [System.Net.SecurityProtocolType]::Tls, [System.Net.SecurityProtocolType]::Tls11, [System.Net.SecurityProtocolType]::Ssl3
# Store the current list of protocols in use
$CurrentProtocols = [System.Net.ServicePointManager]::SecurityProtocol
# Calculate the new set of protocols by excluding the insecure protocols from the current list
$NewProtocols = $CurrentProtocols -bor $DisabledProtocols
# Update the SecurityProtocol property to only include secure protocols
[System.Net.ServicePointManager]::SecurityProtocol = $NewProtocols
# Confirm the change by displaying the new list of security protocols in use
Write-Output "The following security protocols are now enabled: [System.Net.ServicePointManager]::SecurityProtocol"
The errors I’m getting:
Method invocation failed because [System.Net.SecurityProtocolType] does not contain a method named 'op_BitwiseOr'.
+ CategoryInfo : InvalidOperation: (op_BitwiseOr:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound
+ PSComputerName : xxxxx001
Exception setting "SecurityProtocol": "Cannot convert null to type "System.Net.SecurityProtocolType" due to
enumeration values that are not valid. Specify one of the following enumeration values and try again. The possible
enumeration values are "SystemDefault,Ssl3,Tls,Tls11,Tls12"."
+ CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
+ FullyQualifiedErrorId : ExceptionWhenSetting
+ PSComputerName : xxxxxxx001
Hoping to figure these errors out or use a more PowerShell cmdlet style to accomplish this task.