Table of Contents
No longer supports TLS versions 1.0 and 1.1
By default, earlier PowerShell versions use SSL 3.0 and TLS 1.0 to establish secure HTTPS connections to repositories. Windows 7 enables SSL 3.0 and TLS 1.0 by default.
[enum]::GetNames([System.Net.SecurityProtocolType])
According to Microsoft documentation TLS 1.2 is enabled by default on Windows editions. But in some cases, if it not enabled, you can check and enable it manually.
TLS protocol version support
🟢 = Enabled by default | ❌ = Not enabled by default
For example, as of April 2020, the PowerShell Gallery no longer supports Transport Layer Security (TLS) versions 1.0 and 1.1. Client must use TLS 1.2 or higher to establish a connection to the repository. When connecting to the repository on Windows 7, you would get the following error.
PS C:\Users\bonben> Install-Module -Name ExchangeOnlineManagement
The term 'Install-Module' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:15
+ Install-Module <<<< -Name ExchangeOnlineManagement
+ CategoryInfo : ObjectNotFound: (Install-Module:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundExceptionEnable TLS Version 1.2 on Windows 7
Steps to enable TLS 1.2 on Windows 7 are:
- Install the .NET Framework 4.5 and higher on the Windows 7.
- Upgrade PowerShell 2.0 to PowerShell 5.1.
- Enable TLS 1.2 by registry.
Install the .NET Framework 4.5 and higher
You can download then install the .NET Framework 4.5 or higher from Microsoft.
Download links for the framework: Microsoft Download Center | Direct link
Related posts:
Upgrade PowerShell in Windows 7
1. Before you begin, you need to upgrade the PowerShell version in Windows 7 to PSVersion 5.1. The preinstalled PowerShell version in Windows 7 is 2.0.50727.5420.
PS C:\Users\bonben> $PSVersionTable
Name Value
---- -----
CLRVersion 2.0.50727.5420
BuildVersion 6.1.7601.17514
PSVersion 2.0
WSManStackVersion 2.02. To update to PowerShell 5.1, let’s download the below security updates then install it on your computer. Please download the update to fit your Windows architecture. In our case, we’ll download the package for Windows 7 64-bit.
3. Open the downloaded file to install the PowerShell 5.1 normally.
4. Restart the computer to take the change goes into effect.
5. Once done, you can verify the PowerShell version using $PSVersionTable command.
PS C:\Users\bonben> $PSVersionTable
Name Value
---- -----
PSVersion 5.1.14409.1005
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14409.1005
CLRVersion 4.0.30319.34209
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1Enable TLS 1.2 on Windows 7
1. Once the PowerShell version is upgraded, we need to install the KB3140245 Windows update from the Microsoft Update Catalog. This update will create the registry key paths in which you will create new registry keys. These registry keys will allow you to enable TLSv1.2 on your Windows 7.
Or you can get it from the direct link form Microsoft: KB3140245.
2. Open the downloaded file to install the update KB3140245.
3. You may ask to restart your computer. Let’s restart it to continue.
4. Now, this is time to add registry keys for TLS versions 1.1 and 1.2. Open PowerShell as administrator then copy the below commands and paste them into the opening PowerShell window.
Set-ItemProperty `
-Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' `
-Name 'SchUseStrongCrypto' -Value '1' -Type DWord
Set-ItemProperty `
-Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' `
-Name 'SchUseStrongCrypto' -Value '1' -Type DWord5. Restart your computer one more time to take the changes go into effect.
Check if the TSL 1.2 is enable on Windows 7
1. To check your current settings in the Microsoft .NET Framework, let’s open Windows PowerShell as administrator then run the following command:
[Net.ServicePointManager]::SecurityProtocolAs you can see, now, your Windows can access websites and apps require TLS 1.2.
2. To list the available protocols on your local workstation, and on your local Powershell profile you’re using, let’s run the following command:
[enum]::GetNames([System.Net.SecurityProtocolType])
3. To verify it’s working. We’ve installed the Exchange Online PowerShell module. To install that module, the PowerShell needs to connect to PSGalery using TLS 1.2.
PS C:\Users\bonben> Install-Module -Name ExchangeOnlineManagement
NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
'C:\Users\bonben\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by
running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install
and import the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its
InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from
'PSGallery'?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): A
PS C:\Users\bonben> Get-InstalledModule
Version Name Repository Description
------- ---- ---------- -----------
3.1.0 ExchangeOnlineManagement PSGallery This is a General Availability (GA) release of t...That’s it, hope this post can help you to enable and use TLS 1.2 on your Windows 7 computer.
Not a reader? Watch this related video tutorial:
