- \n
- DTLS is the abbreviation of Datagram Transport Layer Security. It’s also a cryptographic protocol providing security to datagram-based applications. It is used to prevent eavesdropping, tampering or message forgery.<\/li>\n<\/ul>\n\n\n\n
- \n
- SSL is Secure Sockets Layer. It’s the standard security technology<\/li>\n<\/ul>\n\n\n\n
We can find 3 versions of SSL (1.0,2.0 & 3.0) and 4 versions of TLS (1.0,1.1,1.2 & 1.3) actually.<\/p>\n\n\n\n
Even if some protocols are deprecated or no more used, it’s good to verify.<\/p>\n\n\n\n
TLS 1.0 is available for Windows Server 2008 and more<\/p>\n\n\n\n
TLS 1.1& 1.2 is available from Windows Server 2012 version and more<\/p>\n\n\n\n
TLS 1.3 is available for Windows Server 2022<\/p>\n\n\n\n
All these protocols expect for TLS 1.3 are under the key:<\/p>\n\n\n\n
HKLM\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols<\/strong><\/p>\n\n\n\n
After this key, you will have the protocol, like for example for TLS 1.2:<\/p>\n\n\n\n
HKLM\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2<\/strong><\/p>\n\n\n\n
Under this key with the protocol version, we will find 2 other keys: Client & Server<\/p>\n\n\n\n
HKLM\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Client<\/strong><\/p>\n\n\n\n
HKLM\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Server<\/strong><\/p>\n\n\n\n
And finally, the value name will be Enabled<\/strong> as a DWORD with 1 if it’s enabled or 0 if it’s disable.<\/p>\n\n\n\n
Under Windows Server 2022, the TLS 1.3 will be under the key:<\/p>\n\n\n\n
HKLM\\SYSTEM\\CurrentControlSet\\Services\\HTTP\\Parameters<\/strong><\/p>\n\n\n\n
The value name will be EnableHTTP3<\/strong> as a DWORD with 1 if it’s enabled or 0 if it’s disable<\/p>\n\n\n\n
Now, go to the query..<\/p>\n\n\n\n
The first step is to declare and set all variables:<\/p>\n\n\n\n
DECLARE @value SQL_VARIANT\r\nDECLARE @key VARCHAR(100)\r\nDECLARE @Protocol_status varchar(20)\r\n\r\nDECLARE @RegistryKey varchar(70)\r\n--SSL Protocols\r\nDECLARE @RegistryKeySSL10 varchar(10)\r\nDECLARE @RegistryKeySSL20 varchar(10)\r\nDECLARE @RegistryKeySSL30 varchar(10)\r\n-- TLS protocols\r\nDECLARE @RegistryKeyTLS10 varchar(10)\r\nDECLARE @RegistryKeyTLS11 varchar(10)\r\nDECLARE @RegistryKeyTLS12 varchar(10)\r\nDECLARE @RegistryKeyTLS13 varchar(50)\r\n-- DTLS protocols\r\nDECLARE @RegistryKeyDTLS10 varchar(10)\r\nDECLARE @RegistryKeyDTLS11 varchar(10)\r\nDECLARE @RegistryKeyDTLS12 varchar(10)\r\n\r\nDECLARE @RegistryKeyServer varchar(10)\r\nDECLARE @RegistryKeyClient varchar(10)\r\n\r\nSet @RegistryKey = 'SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols'\r\n\r\nSet @RegistryKeySSL10 = 'SSL 1.0'\r\nSet @RegistryKeySSL20 = 'SSL 2.0'\r\nSet @RegistryKeySSL30 = 'SSL 3.0'\r\n\r\nSet @RegistryKeyTLS10 = 'TLS 1.0'\r\nSet @RegistryKeyTLS11 = 'TLS 1.1'\r\nSet @RegistryKeyTLS12 = 'TLS 1.2'\r\nSet @RegistryKeyTLS13 = 'SYSTEM\\CurrentControlSet\\Services\\HTTP\\Parameters'\r\n\r\nSet @RegistryKeyDTLS10 = 'DTLS 1.0'\r\nSet @RegistryKeyDTLS11 = 'DTLS 1.1'\r\nSet @RegistryKeyDTLS12 = 'DTLS 1.2'\r\n\r\nSet @RegistryKeyServer = 'Server'\r\nSet @RegistryKeyClient = 'Client'\r\n<\/code><\/pre>\n\n\n\nThe result will be store in a temporary table with the protocol version, function (client \/server, the key value in Hexadecimal and the status (Disable\/Enable)):<\/p>\n\n\n\n
-- Search for SSL 1.0\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL10+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL10,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r<\/code><\/pre>\n\n\n\nThe temporary table will give a result like this for a server:<\/p>\n\n\n\n
![\"\"](\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png\")
<\/figure>\n\n\n\nIn this example TLS 1.2 is enable.<\/p>\n\n\n\n
You can easy go through a CMS (Central Management Server) and select only the status “Enable”:<\/p>\n\n\n\n
![\"\"](\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture2.png\")
<\/figure>\n\n\n\nIn this example, I have 3 SQL server with the TLS1.2 enable.<\/p>\n\n\n\n
You can notice that 2 types of value are given: 0x01000000 & 0xFFFFFFFF<\/p>\n\n\n\n
In the first case, the registry is:<\/p>\n\n\n\n
![\"\"](\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture3.png\")
<\/figure>\n\n\n\nIn the second case, the registry is<\/p>\n\n\n\n
![\"\"](\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture4.png\")
<\/figure>\n\n\n\nFor both, the TLS 1.2 is enabled.<\/p>\n\n\n\n
To finish, I give you the script to retrieve all security protocols from a SQL Server query:<\/p>\n\n\n\n
DECLARE @value SQL_VARIANT\r\nDECLARE @key VARCHAR(100)\r\nDECLARE @Protocol_status varchar(20)\r\n\r\nDECLARE @RegistryKey varchar(70)\r\n--SSL Protocols\r\nDECLARE @RegistryKeySSL10 varchar(10)\r\nDECLARE @RegistryKeySSL20 varchar(10)\r\nDECLARE @RegistryKeySSL30 varchar(10)\r\n-- TLS protocols\r\nDECLARE @RegistryKeyTLS10 varchar(10)\r\nDECLARE @RegistryKeyTLS11 varchar(10)\r\nDECLARE @RegistryKeyTLS12 varchar(10)\r\nDECLARE @RegistryKeyTLS13 varchar(50)\r\n-- DTLS protocols\r\nDECLARE @RegistryKeyDTLS10 varchar(10)\r\nDECLARE @RegistryKeyDTLS11 varchar(10)\r\nDECLARE @RegistryKeyDTLS12 varchar(10)\r\n\r\nDECLARE @RegistryKeyServer varchar(10)\r\nDECLARE @RegistryKeyClient varchar(10)\r\n\r\nSET @RegistryKey = 'SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols'\r\n\r\nSET @RegistryKeySSL10 = 'SSL 1.0'\r\nSET @RegistryKeySSL20 = 'SSL 2.0'\r\nSET @RegistryKeySSL30 = 'SSL 3.0'\r\n\r\nSET @RegistryKeyTLS10 = 'TLS 1.0'\r\nSET @RegistryKeyTLS11 = 'TLS 1.1'\r\nSET @RegistryKeyTLS12 = 'TLS 1.2'\r\nSET @RegistryKeyTLS13 = 'SYSTEM\\CurrentControlSet\\Services\\HTTP\\Parameters'\r\n\r\nSET @RegistryKeyDTLS10 = 'DTLS 1.0'\r\nSET @RegistryKeyDTLS11 = 'DTLS 1.1'\r\nSET @RegistryKeyDTLS12 = 'DTLS 1.2'\r\n\r\nSET @RegistryKeyServer = 'Server'\r\nSET @RegistryKeyClient = 'Client'\r\n\r\nCREATE TABLE #result\r\n(\r\n\tProtocol_version varchar(10),\r\n\tProtocol_function varchar(10),\r\n\tProtocol_value varbinary(max),\r\n\tProtocol_status varchar (20)\r\n\r\n)\r\n\r\n-- Search for SSL 1.0\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL10+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL10,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL10+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL10,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- Search for SSL 2.0\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL20+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL20,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL20+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL20,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- Search for SSL 3.0 \r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL30+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) = 1) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL30,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeySSL30+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeySSL30,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n\r\n-- Search for TLS 1.0\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyTLS10+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyTLS10,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyTLS10+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyTLS10,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- Search for TLS 1.1\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyTLS11+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyTLS11,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyTLS11+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (Convert(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyTLS11,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- Search for TLS 1.2\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyTLS12+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyTLS12,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyTLS12+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyTLS12,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- TLS 1.3\r\nSET @value = 0\r\nSET @key = @RegistryKeyTLS13\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'EnableHTTP3', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES ('TLS 1.3','',CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n\r\n-- Search for DTLS 1.0\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyDTLS10+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyDTLS10,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyDTLS10+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyDTLS10,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- Search for DTLS 1.1\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyDTLS11+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyDTLS11,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyDTLS11+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyDTLS11,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n-- Search for DTLS 1.2\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyDTLS12+'\\'+@RegistryKeyServer\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyDTLS12,@RegistryKeyServer,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\nSET @value = 0\r\nSET @key = @RegistryKey+'\\'+@RegistryKeyDTLS12+'\\'+@RegistryKeyClient\r\nEXEC xp_regread @rootkey = 'HKEY_LOCAL_MACHINE',@key = @key,@value_name = 'Enabled', @value = @value OUTPUT\r\nIF (CONVERT(int,CONVERT(VARBINARY(MAX), @value)) <> 0) SET @Protocol_status = 'Enable' ELSE SET @Protocol_status = 'Disable'\r\nINSERT INTO #result VALUES (@RegistryKeyDTLS12,@RegistryKeyClient,CONVERT(VARBINARY(MAX), @value),@Protocol_status)\r\n\r\nSELECT * FROM #result\r\n\r\nSELECT * FROM #result where Protocol_status='Enable'\r\n\r\nDROP table #result\r<\/code><\/pre>\n\n\n\nI hope this script can help you and you will enjoy searching the security protocols enabled\u2026<\/p>\n","protected":false},"excerpt":{"rendered":"
First, a little explanation about TLS, DTLS & SSL: We can find 3 versions of SSL (1.0,2.0 & 3.0) and 4 versions of TLS (1.0,1.1,1.2 & 1.3) actually. Even if some protocols are deprecated or no more used, it’s good to verify. TLS 1.0 is available for Windows Server 2008 and more TLS 1.1& 1.2 […]<\/p>\n","protected":false},"author":15,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[229,149,99],"tags":[49,51],"type_dbi":[],"class_list":["post-24339","post","type-post","status-publish","format-standard","hentry","category-database-administration-monitoring","category-security","category-sql-server","tag-microsoft","tag-sql-server"],"acf":[],"yoast_head":"\n
SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query? - dbi Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query?\" \/>\n<meta property=\"og:description\" content=\"First, a little explanation about TLS, DTLS & SSL: We can find 3 versions of SSL (1.0,2.0 & 3.0) and 4 versions of TLS (1.0,1.1,1.2 & 1.3) actually. Even if some protocols are deprecated or no more used, it’s good to verify. TLS 1.0 is available for Windows Server 2008 and more TLS 1.1& 1.2 […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-05T11:34:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-05T11:34:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png\" \/>\n<meta name=\"author\" content=\"St\u00e9phane Haby\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"St\u00e9phane Haby\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\"},\"author\":{\"name\":\"St\u00e9phane Haby\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/d0bfb7484ae81c8980fc2b11334f803b\"},\"headline\":\"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query?\",\"datePublished\":\"2023-04-05T11:34:03+00:00\",\"dateModified\":\"2023-04-05T11:34:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\"},\"wordCount\":413,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png\",\"keywords\":[\"Microsoft\",\"SQL Server\"],\"articleSection\":[\"Database Administration & Monitoring\",\"Security\",\"SQL Server\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\",\"name\":\"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query? - dbi Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png\",\"datePublished\":\"2023-04-05T11:34:03+00:00\",\"dateModified\":\"2023-04-05T11:34:04+00:00\",\"author\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/d0bfb7484ae81c8980fc2b11334f803b\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png\",\"contentUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.dbi-services.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/d0bfb7484ae81c8980fc2b11334f803b\",\"name\":\"St\u00e9phane Haby\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/1123227ca39a5dca608c0f72d23cd1904fee29979749bbb3a485b9438436c553?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/1123227ca39a5dca608c0f72d23cd1904fee29979749bbb3a485b9438436c553?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/1123227ca39a5dca608c0f72d23cd1904fee29979749bbb3a485b9438436c553?s=96&d=mm&r=g\",\"caption\":\"St\u00e9phane Haby\"},\"description\":\"St\u00e9phane Haby has more than ten years of experience in Microsoft solutions. He is specialized in SQL Server technologies such as installation, migration, best practices, and performance analysis etc. He is also an expert in Microsoft Business Intelligence solutions such as SharePoint, SQL Server and Office. Futhermore, he has many years of .NET development experience in the banking sector and other industries. In France, he was one of the first people to have worked with Microsoft Team System. He has written several technical articles on this subject. St\u00e9phane Haby is Microsoft Most Valuable Professional (MVP) as well as Microsoft Certified Solutions Associate (MCSA) and\u00a0Microsoft Certified Solutions Expert (MCSE) for SQL Server 2012. He is also Microsoft Certified Technology Specialist (MCTS) and Microsoft Certified IT Professional (MCITP) for SQL Server 2008 as well as ITIL Foundation V3 certified. He holds a Engineer diploma in industrial computing and automation from France. His branch-related experience covers Chemicals & Pharmaceuticals, Banking \/ Financial Services, and many other industries.\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/author\/stephane-haby\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query? - dbi Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/","og_locale":"en_US","og_type":"article","og_title":"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query?","og_description":"First, a little explanation about TLS, DTLS & SSL: We can find 3 versions of SSL (1.0,2.0 & 3.0) and 4 versions of TLS (1.0,1.1,1.2 & 1.3) actually. Even if some protocols are deprecated or no more used, it’s good to verify. TLS 1.0 is available for Windows Server 2008 and more TLS 1.1& 1.2 […]","og_url":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/","og_site_name":"dbi Blog","article_published_time":"2023-04-05T11:34:03+00:00","article_modified_time":"2023-04-05T11:34:04+00:00","og_image":[{"url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png","type":"","width":"","height":""}],"author":"St\u00e9phane Haby","twitter_card":"summary_large_image","twitter_misc":{"Written by":"St\u00e9phane Haby","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/"},"author":{"name":"St\u00e9phane Haby","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/d0bfb7484ae81c8980fc2b11334f803b"},"headline":"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query?","datePublished":"2023-04-05T11:34:03+00:00","dateModified":"2023-04-05T11:34:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/"},"wordCount":413,"commentCount":0,"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png","keywords":["Microsoft","SQL Server"],"articleSection":["Database Administration & Monitoring","Security","SQL Server"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/","url":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/","name":"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query? - dbi Blog","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage"},"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png","datePublished":"2023-04-05T11:34:03+00:00","dateModified":"2023-04-05T11:34:04+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/d0bfb7484ae81c8980fc2b11334f803b"},"breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#primaryimage","url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png","contentUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/04\/Picture1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/sql-server-how-to-see-your-enable-security-protocols-tls-ssl-dtls-with-a-tsql-query\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"SQL Server: How to see your enable security protocols (TLS\/SSL\/DTLS) with a TSQL Query?"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/d0bfb7484ae81c8980fc2b11334f803b","name":"St\u00e9phane Haby","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1123227ca39a5dca608c0f72d23cd1904fee29979749bbb3a485b9438436c553?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1123227ca39a5dca608c0f72d23cd1904fee29979749bbb3a485b9438436c553?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1123227ca39a5dca608c0f72d23cd1904fee29979749bbb3a485b9438436c553?s=96&d=mm&r=g","caption":"St\u00e9phane Haby"},"description":"St\u00e9phane Haby has more than ten years of experience in Microsoft solutions. He is specialized in SQL Server technologies such as installation, migration, best practices, and performance analysis etc. He is also an expert in Microsoft Business Intelligence solutions such as SharePoint, SQL Server and Office. Futhermore, he has many years of .NET development experience in the banking sector and other industries. In France, he was one of the first people to have worked with Microsoft Team System. He has written several technical articles on this subject. St\u00e9phane Haby is Microsoft Most Valuable Professional (MVP) as well as Microsoft Certified Solutions Associate (MCSA) and\u00a0Microsoft Certified Solutions Expert (MCSE) for SQL Server 2012. He is also Microsoft Certified Technology Specialist (MCTS) and Microsoft Certified IT Professional (MCITP) for SQL Server 2008 as well as ITIL Foundation V3 certified. He holds a Engineer diploma in industrial computing and automation from France. His branch-related experience covers Chemicals & Pharmaceuticals, Banking \/ Financial Services, and many other industries.","url":"https:\/\/www.dbi-services.com\/blog\/author\/stephane-haby\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/24339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=24339"}],"version-history":[{"count":1,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/24339\/revisions"}],"predecessor-version":[{"id":24344,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/24339\/revisions\/24344"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=24339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=24339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=24339"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=24339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
- SSL is Secure Sockets Layer. It’s the standard security technology<\/li>\n<\/ul>\n\n\n\n