Windows Server 2012 R2 – TLS 1.2 Issue

Tags: ssl, windows-server-2012-r2

I am facing issues with TLS 1.2 on my Windows Server 2012 R2 (application web server, IIS), where I am unable to access https://api.nuget.org/v3/index.json via Internet Explorer even after I see that TLS 1.2 has been enabled.

I have another server with the same OS and same OS updates (but no IIS), and this server has no problem accessing the API or any other endpoint with TLS 1.2.

On the problematic server, I've tried the following:

  1. Used IISCrypto to enable everything -> Restart -> FAILED
  2. Manually changed registry settings following Microsoft documentation – https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2 – FAILED
  3. Used the following script to completely reset and re-enable only TLS 1.2 – https://www.hass.de/content/setup-microsoft-windows-or-iis-ssl-perfect-forward-secrecy-and-tls-12 – FAILED

At this time, I've spent the better part of 3 days trying to troubleshoot and see what the issue is between these two servers, why one Windows server works and another doesn't.

Any tips, troubleshooting steps or tools would be most welcome!

Screenshots (images not preserved):

  • via Nuget CLR
  • on the problematic server
  • On the server that works

Best Answer

So, after hours of troubleshooting, I was finally able to resolve the issue and get the API accessible from our server over TLS 1.2.

We have .NET Framework on our server, which was having trouble accessing the API. Microsoft recommends we set the following registry values to force SystemDefaultTlsVersions:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
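
A read-only audit of the values in the answer above, added here as an example and not part of the original post. It also reads the SCHANNEL TLS 1.2 client key described in the Microsoft documentation linked in the question; the variable names and report layout are this example's own.

```powershell
# Added example: report the .NET Framework and SCHANNEL TLS 1.2 client settings.
# Read-only; run from an elevated 64-bit PowerShell session.

$netKeys = @(
    'HKLM:\SOFTWARE\Microsoft\.NETFramework\v2.0.50727',
    'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319'
)

# Each .NET key should carry both values from the answer, set to 1.
$expected = @(
    foreach ($key in $netKeys) {
        foreach ($name in 'SystemDefaultTlsVersions', 'SchUseStrongCrypto') {
            [pscustomobject]@{ Path = $key; Name = $name; Want = 1 }
        }
    }
)

# OS-level TLS 1.2 client switch (from the linked Microsoft documentation).
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'
$expected += [pscustomobject]@{ Path = $schannel; Name = 'Enabled';           Want = 1 }
$expected += [pscustomobject]@{ Path = $schannel; Name = 'DisabledByDefault'; Want = 0 }

$report = foreach ($e in $expected) {
    # A missing key or value yields $null instead of an error.
    $item = Get-ItemProperty -Path $e.Path -Name $e.Name -ErrorAction SilentlyContinue
    $have = if ($item) { $item.($e.Name) } else { $null }

    # A DWORD of 0xFFFFFFFF reads back as -1 and is reported as MISMATCH;
    # review such a value by hand.
    $state = if ($null -eq $have)      { 'MISSING' }
             elseif ($have -eq $e.Want) { 'OK' }
             else                       { 'MISMATCH' }

    [pscustomobject]@{
        Key   = $e.Path
        Value = $e.Name
        Want  = $e.Want
        Have  = $have
        State = $state
    }
}

$report | Format-Table -AutoSize -Wrap
```

Running it on both the working and the problematic server and comparing the `State` column shows which of the 32-bit (WOW6432Node), 64-bit, or SCHANNEL values differ between them.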