-
Notifications
You must be signed in to change notification settings - Fork 0
/
Set-SslProtocol.ps1
33 lines (28 loc) · 1.09 KB
/
Set-SslProtocol.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
function Set-SslProtocol() {
# enable or disable ssl/tls versions
param(
[validateset('Client', 'Server')]$type,
[validateset('enable', 'disable')]$action,
[validateset('SSL 2.0', 'SSL 3.0', 'TLS 1.0',
'TLS 1.1', 'TLS 1.2', 'TLS 1.3')]$protocol
)
$SChannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$param = @(
Path = "$SChannel\$protocol\$type"
PropertyType = 'DWord'
ErrorAction = Stop
)
try {
if ($action -eq 'enable') {
New-Item "$SChannel\$protocol\$type" -Force -ErrorAction Stop
New-ItemProperty @param -Name 'Enabled' -Value '1' -Force
New-ItemProperty @param -Name 'DisabledByDefault' -Value 0 -Force
}
if ($action -eq 'disable') {
New-Item "$SChannel\$protocol\$type" -Force -ErrorAction Stop
New-ItemProperty @param -Name 'Enabled' -Value '0' -Force
New-ItemProperty @param -Name 'DisabledByDefault' -Value 1 -Force
}
}
catch { Write-Warning $_ }
}