I have a vendor which operates a web service that we subscribe to. They have told us they will begin to refuse connections which are established using TLS 1.0 protocols for encryption. I agree with this and I was fairly certain we had taken all of the necessary steps to disallow TLS 1.0 nearly 2 years ago. This vendor is doing it a little differently in that they are going to keep TLS 1.0 enabled on their server and reject and lock out any connections which attempt to connect using it. This part, I do not agree with but who am I.
This vendor has done a packet capture on their side and I have also done one on the client side and both clearly indicate a TLS 1.0 handshake and establishment of an encrypted connection. This is the heart of the problem.
My question is simple, or so I thought... How do I go about disabling TLS 1.0 on a Windows 7 client such that it will no longer respond to TLS 1.0 offerings from a server which still has TLS 1.0 enabled. The client application I use is basically an embedded Internet Explorer client and as such can use any setting which effects Internet Explorer.
I am not perplexed for long on most issues but I must admit that this one has me totally stumped.
Thanks in advance for your insight...