We help IT Professionals succeed at work.

WinHTTPRequest and TLS v1.2

Is it possible to make the WinHTTPRequest object to use TLS v1.2 on a Windows 2008R2 server?

I tried to use this site: "https://howsmyssl.com/a/check" to check the connection security properties,
and it reports that the TLS is 1.0
but if I use the object Msxml2.XMLHTTP instead of WinHTTP.WinHTTPRequest,
then the server reports that "tls_version" is "TLS 1.2"

    set http_req = CreateObject("WinHTTP.WinHTTPRequest.5.1")
    http_req.open "GET", "https://howsmyssl.com/a/check", false
    MsgBox  http_req.responseText

Open in new window

the response:
"tls_version":"TLS 1.0","rating":"Bad"}

Open in new window

If that is impossible, then I'd like to know how actually bad to use "Msxml2.XMLHTTP" to make connections from a web server process?
Watch Question

Distinguished Expert 2019
Did you make sure that TLS 1.1 and 1.2 are enabled on the server? BTW - You might want to disable 3DES also.

One of the key things you need one the server is KB3140425 if you don't already have it. Here is a MS article that will walk you through everything: https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in


I've set the recommended value to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp and now WinHTTP uses TLS1.2 !
Thank you a lot!

Actually I had the value previously set in this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
But I was actually running a 32 bit script, so the value has had no effect.

Thank you again!