How to Change Windows PowerShell to Use TLS 1.2

Installation Proxy TLS Requirements

Since TLS 1.0 and 1.1 have been deprecated by the Internet Engineering Task Force (IETF) as of March 25, 2021 and they have been disabled in all major operation systems and browsers for security reason, our installation proxy service only supports TLS 1.2.

Although Microsoft has officially disabled TLS 1.0 and TLS 1.1, depending on the Windows PowerShell version and Windows Update settings, your may still encounter SSL/TLS error when attempting to install CMC via the installation proxy such as the following:

irm : The request was aborted: Could not create SSL/TLS secure channel

How to Change Windows PowerShell to Use TLS 1.2

In order to force PowerShell session to use TLS 1.2, run the following PowerShell command before executing the installation command.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Once you verified the above line works, you can have it automatically executed whenever a new PowerShell session is started by running this command in PowerShell:

$ProfileFile = "${PsHome}\Profile.ps1"  
if (! (Test-Path $ProfileFile)) {New-Item -Path $ProfileFile -Type file -Force}  
'[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12' | Out-File -FilePath $ProfileFile -Encoding ascii -Append

Updated on: 24/02/2023

Was this article helpful?

Share your feedback


Thank you!