en-US/SChannelDsc-help.xml
|
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Assert-TlsProtocol</command:name> <command:verb>Assert</command:verb> <command:noun>TlsProtocol</command:noun> <maml:description> <maml:para>Asserts that the specified TLS/SSL protocols are enabled or disabled.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Calls Test-TlsProtocol for the specified protocol(s) and throws a terminating error if the assertion fails. By default, the command asserts that the protocol(s) are enabled for server-side connections. Use the `-Client` switch to assert the `Client` key instead of the default `Server` key. Use the `-Disabled` switch to assert that the protocol(s) are disabled instead of enabled.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Assert-TlsProtocol</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to assert. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls1</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls12</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, assert the protocol in the `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Disabled</maml:name> <maml:description> <maml:para>When specified, asserts that the protocol(s) are disabled. By default the command asserts that the protocol(s) are enabled.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, assert the protocol in the `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Disabled</maml:name> <maml:description> <maml:para>When specified, asserts that the protocol(s) are disabled. By default the command asserts that the protocol(s) are enabled.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to assert. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Assert-TlsProtocol -Protocol Tls12</dev:code> <dev:remarks> <maml:para>Asserts that TLS 1.2 is enabled for server-side connections. Throws a terminating error if TLS 1.2 is not enabled.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Assert-TlsProtocol -Protocol Tls12 -Client</dev:code> <dev:remarks> <maml:para>Asserts that TLS 1.2 is enabled for client-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Assert-TlsProtocol -Protocol Tls12 -Disabled</dev:code> <dev:remarks> <maml:para>Asserts that TLS 1.2 is disabled for server-side connections. Throws a terminating error if TLS 1.2 is still enabled.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Assert-TlsProtocol -Protocol Ssl3, Tls -Disabled</dev:code> <dev:remarks> <maml:para>Asserts that both SSL 3.0 and TLS 1.0 are disabled for server-side connections.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Disable-TlsProtocol</command:name> <command:verb>Disable</command:verb> <command:noun>TlsProtocol</command:noun> <maml:description> <maml:para>Disables specified TLS/SSL protocols by writing SCHANNEL registry values.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Disables SCHANNEL protocol keys under HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols for the server-side `Server` key by default. Use the `-Client` switch to operate on the `Client` key instead. The command will create the target key if it does not exist and set the `Enabled` DWORD to `0`.</maml:para> <maml:para>Optionally, when `-SetDisabledByDefault` is specified the command will also write `DisabledByDefault = 1` (opt-in only).</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Disable-TlsProtocol</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to disable. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls1</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls12</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, operate on the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Suppresses confirmation prompts.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SetDisabledByDefault</maml:name> <maml:description> <maml:para>When specified, also set the `DisabledByDefault` DWORD to 1. This is an opt-in behavior to avoid unintentionally changing additional registry values.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf"> <maml:name>Confirm</maml:name> <maml:description> <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi"> <maml:name>WhatIf</maml:name> <maml:description> <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, operate on the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Suppresses confirmation prompts.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to disable. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SetDisabledByDefault</maml:name> <maml:description> <maml:para>When specified, also set the `DisabledByDefault` DWORD to 1. This is an opt-in behavior to avoid unintentionally changing additional registry values.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf"> <maml:name>Confirm</maml:name> <maml:description> <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi"> <maml:name>WhatIf</maml:name> <maml:description> <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Disable-TlsProtocol -Protocol Ssl3</dev:code> <dev:remarks> <maml:para>Disables SSL 3.0 for server-side connections by setting the `Enabled` registry value to 0.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Disable-TlsProtocol -Protocol Tls -Client</dev:code> <dev:remarks> <maml:para>Disables TLS 1.0 for client-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Disable-TlsProtocol -Protocol Ssl2, Ssl3 -SetDisabledByDefault</dev:code> <dev:remarks> <maml:para>Disables SSL 2.0 and SSL 3.0 for server-side connections and also sets the `DisabledByDefault` registry value to 1.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Disable-TlsProtocol -Protocol Tls -Force</dev:code> <dev:remarks> <maml:para>Disables TLS 1.0 for server-side connections without prompting for confirmation.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Enable-TlsProtocol</command:name> <command:verb>Enable</command:verb> <command:noun>TlsProtocol</command:noun> <maml:description> <maml:para>Enables specified TLS/SSL protocols by writing SCHANNEL registry values.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Enables SCHANNEL protocol keys under HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols for the server-side `Server` key by default. Use the `-Client` switch to operate on the `Client` key instead. The command will create the target key if it does not exist and set the `Enabled` DWORD to `1`.</maml:para> <maml:para>Optionally, when `-SetDisabledByDefault` is specified the command will also write `DisabledByDefault = 0` (opt-in only).</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Enable-TlsProtocol</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to enable. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls1</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls12</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, operate on the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Suppresses confirmation prompts.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SetDisabledByDefault</maml:name> <maml:description> <maml:para>When specified, also set the `DisabledByDefault` DWORD to 0. This is an opt-in behavior to avoid unintentionally changing additional registry values.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf"> <maml:name>Confirm</maml:name> <maml:description> <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi"> <maml:name>WhatIf</maml:name> <maml:description> <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, operate on the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Suppresses confirmation prompts.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to enable. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SetDisabledByDefault</maml:name> <maml:description> <maml:para>When specified, also set the `DisabledByDefault` DWORD to 0. This is an opt-in behavior to avoid unintentionally changing additional registry values.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf"> <maml:name>Confirm</maml:name> <maml:description> <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi"> <maml:name>WhatIf</maml:name> <maml:description> <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Enable-TlsProtocol -Protocol Tls12</dev:code> <dev:remarks> <maml:para>Enables TLS 1.2 for server-side connections by setting the `Enabled` registry value to 1.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Enable-TlsProtocol -Protocol Tls13 -Client</dev:code> <dev:remarks> <maml:para>Enables TLS 1.3 for client-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Enable-TlsProtocol -Protocol Tls12, Tls13 -SetDisabledByDefault</dev:code> <dev:remarks> <maml:para>Enables TLS 1.2 and TLS 1.3 for server-side connections and also sets the `DisabledByDefault` registry value to 0.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Enable-TlsProtocol -Protocol Tls12 -Force</dev:code> <dev:remarks> <maml:para>Enables TLS 1.2 for server-side connections without prompting for confirmation.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-TlsProtocol</command:name> <command:verb>Get</command:verb> <command:noun>TlsProtocol</command:noun> <maml:description> <maml:para>Returns configured SCHANNEL protocol settings for Server or Client.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Reads the `Enabled` and `DisabledByDefault` values for one or more SCHANNEL protocol keys and returns a PSCustomObject with the results. By default, all supported protocols are queried if no specific protocol is specified.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-TlsProtocol</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`. If not specified, all supported protocols are returned.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls1</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls12</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, reads the `Client` key. By default the `Server` key is used.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, reads the `Client` key. By default the `Server` key is used.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`. If not specified, all supported protocols are returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>`System.Management.Automation.PSCustomObject`</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> <command:returnValue> <dev:type> <maml:name>Returns one or more objects with the following properties: Protocol,</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> <command:returnValue> <dev:type> <maml:name>Target, Enabled, DisabledByDefault, and RegistryPath.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Get-TlsProtocol</dev:code> <dev:remarks> <maml:para>Returns the SCHANNEL protocol settings for all supported protocols for server-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Get-TlsProtocol -Protocol Tls12</dev:code> <dev:remarks> <maml:para>Returns the SCHANNEL protocol settings for TLS 1.2 for server-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Get-TlsProtocol -Protocol Tls12, Tls13 -Client</dev:code> <dev:remarks> <maml:para>Returns the SCHANNEL protocol settings for TLS 1.2 and TLS 1.3 for client-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Get-TlsProtocol | Format-Table -AutoSize</dev:code> <dev:remarks> <maml:para>Returns all protocol settings and displays them in a formatted table.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Reset-TlsProtocol</command:name> <command:verb>Reset</command:verb> <command:noun>TlsProtocol</command:noun> <maml:description> <maml:para>Resets specified TLS/SSL protocols by removing SCHANNEL registry keys.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Removes SCHANNEL protocol registry keys under HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols for the server-side `Server` key by default. Use the `-Client` switch to operate on the `Client` key instead. This resets the protocol configuration to the Windows default behavior.</maml:para> <maml:para>If no protocol is specified, all supported protocols are reset.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Reset-TlsProtocol</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to reset. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`. If not specified, all supported protocols are reset.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls1</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls12</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, operate on the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Suppresses confirmation prompts.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf"> <maml:name>Confirm</maml:name> <maml:description> <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi"> <maml:name>WhatIf</maml:name> <maml:description> <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, operate on the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Suppresses confirmation prompts.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to reset. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`. If not specified, all supported protocols are reset.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf"> <maml:name>Confirm</maml:name> <maml:description> <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi"> <maml:name>WhatIf</maml:name> <maml:description> <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Reset-TlsProtocol</dev:code> <dev:remarks> <maml:para>Resets all supported TLS/SSL protocols for server-side connections by removing the corresponding registry keys, restoring Windows default behavior.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Reset-TlsProtocol -Protocol Tls12</dev:code> <dev:remarks> <maml:para>Resets TLS 1.2 for server-side connections by removing the corresponding registry key, restoring Windows default behavior.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Reset-TlsProtocol -Protocol Tls12 -Client</dev:code> <dev:remarks> <maml:para>Resets TLS 1.2 for client-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Reset-TlsProtocol -Protocol Ssl2, Ssl3</dev:code> <dev:remarks> <maml:para>Resets SSL 2.0 and SSL 3.0 for server-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 5 --------------------------</maml:title> <dev:code>Reset-TlsProtocol -Client -Force</dev:code> <dev:remarks> <maml:para>Resets all supported TLS/SSL protocols for client-side connections without prompting for confirmation.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 6 --------------------------</maml:title> <dev:code>Reset-TlsProtocol -Protocol Tls -Force</dev:code> <dev:remarks> <maml:para>Resets TLS 1.0 for server-side connections without prompting for confirmation.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Test-TlsNegotiation</command:name> <command:verb>Test</command:verb> <command:noun>TlsNegotiation</command:noun> <maml:description> <maml:para>Tests which TLS/SSL protocols can be negotiated with a target host/port.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Test-TlsNegotiation attempts to establish a TCP connection to the specified HostName and Port, then performs a TLS/SSL handshake using each protocol provided in `-Protocol`.</maml:para> <maml:para>It uses System.Net.Security.SslStream and ignores certificate validation errors on purpose (the goal is to test protocol support, not certificate trust).</maml:para> <maml:para>For each attempted protocol, the function returns an object indicating whether the handshake succeeded, and if so, which protocol and cipher suite were negotiated.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Test-TlsNegotiation</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>HostName</maml:name> <maml:description> <maml:para>The DNS name or IP address of the target host. Default is 'localhost'.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Localhost</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none"> <maml:name>Port</maml:name> <maml:description> <maml:para>The TCP port to connect to. Default is 443.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>443</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to attempt. Accepts values from the `[System.Security.Authentication.SslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`. If not specified, all supported protocols are attempted.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">None</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Default</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SslProtocols[]</command:parameterValue> <dev:type> <maml:name>SslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>Connection timeout in seconds for the TCP connect attempt. Default is 5.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt32</command:parameterValue> <dev:type> <maml:name>UInt32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>5</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>HostName</maml:name> <maml:description> <maml:para>The DNS name or IP address of the target host. Default is 'localhost'.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Localhost</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none"> <maml:name>Port</maml:name> <maml:description> <maml:para>The TCP port to connect to. Default is 443.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt16</command:parameterValue> <dev:type> <maml:name>UInt16</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>443</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to attempt. Accepts values from the `[System.Security.Authentication.SslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`. If not specified, all supported protocols are attempted.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SslProtocols[]</command:parameterValue> <dev:type> <maml:name>SslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>Connection timeout in seconds for the TCP connect attempt. Default is 5.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">UInt32</command:parameterValue> <dev:type> <maml:name>UInt32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>5</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>`System.Management.Automation.PSCustomObject`</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> <command:returnValue> <dev:type> <maml:name>Each output object contains: HostName, Port, AttemptedProtocol, Success,</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> <command:returnValue> <dev:type> <maml:name>NegotiatedProtocol, NegotiatedCipherSuite, Error, and InnerError.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para>Certificate validation is intentionally bypassed to focus solely on protocol support. TLS 1.3 availability depends on OS and .NET runtime.</maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Test-TlsNegotiation -HostName localhost</dev:code> <dev:remarks> <maml:para>Attempts each protocol against localhost using default port 443 and returns the results.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Test-TlsNegotiation -HostName localhost -Port 1433</dev:code> <dev:remarks> <maml:para>Attempts each protocol against localhost:1433 and returns the results.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Test-TlsNegotiation -HostName localhost -Port 1433 | Format-Table -AutoSize</dev:code> <dev:remarks> <maml:para>Attempts each protocol against localhost:1433 and displays results in a formatted table.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Test-TlsNegotiation -HostName sql01.contoso.com -Port 1433 -Verbose</dev:code> <dev:remarks> <maml:para>Tests protocol negotiation against sql01.contoso.com:1433 and prints each attempt via -Verbose.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 5 --------------------------</maml:title> <dev:code>Test-TlsNegotiation -HostName webserver.contoso.com -Port 443 -Protocol Tls12, Tls13</dev:code> <dev:remarks> <maml:para>Tests only TLS 1.2 and TLS 1.3 negotiation against a web server on port 443.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Test-TlsProtocol</command:name> <command:verb>Test</command:verb> <command:noun>TlsProtocol</command:noun> <maml:description> <maml:para>Tests if specified TLS/SSL protocols are enabled on the local machine.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Tests one or more SCHANNEL protocol keys under HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols to determine whether the protocol is enabled or disabled for server-side or client-side connections. Returns `$true` if all specified protocols match the expected state, or `$false` if any do not.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Test-TlsProtocol</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to check. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">Ssl2</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Tls13</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls1</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">DTls12</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, checks the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Disabled</maml:name> <maml:description> <maml:para>When specified, tests that the protocol(s) are disabled. By default the command tests that the protocol(s) are enabled.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Client</maml:name> <maml:description> <maml:para>When specified, checks the protocol `Client` registry key instead of the default `Server` key.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Disabled</maml:name> <maml:description> <maml:para>When specified, tests that the protocol(s) are disabled. By default the command tests that the protocol(s) are enabled.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga"> <maml:name>ProgressAction</maml:name> <maml:description> <maml:para>{{ Fill ProgressAction Description }}</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue> <dev:type> <maml:name>ActionPreference</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>One or more protocol names to check. Accepts values from the `[SChannelSslProtocols]` enum such as `Ssl2`, `Ssl3`, `Tls`, `Tls11`, `Tls12`, `Tls13`, `Dtls1`, `Dtls12`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SChannelSslProtocols[]</command:parameterValue> <dev:type> <maml:name>SChannelSslProtocols[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>`System.Boolean`</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> <command:returnValue> <dev:type> <maml:name>Returns `$true` if all specified protocols match the expected state,</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> <command:returnValue> <dev:type> <maml:name>`$false` otherwise.</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title> <dev:code>Test-TlsProtocol -Protocol Tls12</dev:code> <dev:remarks> <maml:para>Tests if TLS 1.2 is enabled for server-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title> <dev:code>Test-TlsProtocol -Protocol Tls13 -Client</dev:code> <dev:remarks> <maml:para>Tests if TLS 1.3 is enabled for client-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 3 --------------------------</maml:title> <dev:code>Test-TlsProtocol -Protocol Tls12 -Disabled</dev:code> <dev:remarks> <maml:para>Tests if TLS 1.2 is disabled for server-side connections.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 4 --------------------------</maml:title> <dev:code>Test-TlsProtocol -Protocol Ssl2, Ssl3 -Disabled</dev:code> <dev:remarks> <maml:para>Tests if both SSL 2.0 and SSL 3.0 are disabled for server-side connections. Returns `$true` only if both protocols are disabled.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- EXAMPLE 5 --------------------------</maml:title> <dev:code>Test-TlsProtocol -Protocol Tls12 -Client -Disabled</dev:code> <dev:remarks> <maml:para>Tests if TLS 1.2 is disabled for client-side connections.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> </helpItems> |