How to create schannel registry keys on SFB server
Table of Contents
Procedure to create schannel registry keys on SFB server
- Open registry Editor on SFB server
- Navigate to the location “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL”and take the backup of it
- Post that create below DWORD registry’s in it
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
Create 32 bit DWORD
ClientAuthTrustMode and set value to 2 ( decimal )
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
Create 32 bit DWORD
SendTrustedIssuerList and set value to 0 ( decimal )
HKLM\System\CurrentControlSet\Control\SecurityProviders\Schannel
Create DWORD (32-bit) value.
EnableSessionTicket, set value to 2 ( decimal )
Once the registry’s are created on SFB server post that reboot is mandatory as we have made changes in HKEY_LOCAL_MACHINE
- -EnableSessionTicket, Required for Windows Server 2012 R2 https://support.microsoft.com/en-gb/kb/2901554
- -ClientAuthTrustMode, https://technet.microsoft.com/en-us/library/dn786429(v=ws.11).aspx
- -SendTrustedIssuerList, Only for Windows Server 2008 R2 or earlier versions. https://support.microsoft.com/en-gb/kb/2464556
Conclusion: Post reading this blog I can create Schannel registry keys successfully