Added version matching logic for OS and Apps Skipped SQL test for SQL 2014 SP2 (12.0.5000)
|2 years ago|
|.gitignore||2 years ago|
|README.md||2 years ago|
|ReadinessChecklist.xml||2 years ago|
|tlscheck.ps1||2 years ago|
A comprehensive set of tests to validate whether system is TLS 1.2 ready, along with tools and references to make system changes as easy as possible.
On a Server with Internet Access, execute the following command line:
From the Run dialog [Win]+[R] (or from within
cmd.exe or PowerShell Core
powershell -NoLogo -NoExit -Command "[Net.ServicePointManager]::SecurityProtocol = 'tls12'; $Max=1; iex (iwr -Uri 'https://code.lksz.me/varonis/tlscheck/raw/branch/master/tlscheck.ps1' -UseB | select -Exp Content)"
From a PowerShell prompt:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-Expression (Invoke-WebRequest -Uri 'https://code.lksz.me/varonis/tlscheck/raw/branch/master/tlscheck.ps1' -UseBasicParsing | Select-Object -ExpandProperty Content)
For offline use, first download+ the script (
tlscheck.ps1) and the XML (
+ Make sure you use the RAW view of the file to save it, or just Right-Click -> Save from the link mentioned here.
Then run the script from the command prompt:
# * Required to prevent script from being considered 'Remote' when Execution-Policy is set to RemoteSigned Unblock-File .\tlscheck.ps1 .\tlscheck.ps1
You might get an Execution Policy error:
...\tlscheck.ps1 cannot be loaded. The file C:\varonis\tlscheck.ps1 is not digitally signed. You cannot run this script on the current system. or ...\tlscheck.ps1 cannot be loaded because running scripts is disabled on this system.
The complete error will look something like:
.\tlscheck.ps1 : File ...\tlscheck.ps1 cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1
+ CategoryInfo : SecurityError: (:) , PSSecurityException + FullyQualifiedErrorId : UnauthorizedAccess
If this is the case, you will need to change the `ExecutionPolicy` to `RemoteSigned`*, `Unrestricted` or `Bypass`. It's recommend you make the change in the `Process` ***scope*** only. ```powershell Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass . .\tlscheck.ps1
Alternatively (as a “workaround hack”) you can load the code dynamically into a string, and invoke it with
Invoke-Expression $(Get-Content .\tlscheck.ps1 | Out-String)