Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.
Gal Szkolnik 94f8181f54 Advanced xml to version 0.72 2 år sedan
.gitignore First commit 2 år sedan
README.md Code cleanup - per VS Code best behaviors (PROBLEMS pane) 2 år sedan
ReadinessChecklist.xml Advanced xml to version 0.72 2 år sedan
tlscheck.ps1 Advanced xml to version 0.72 2 år sedan


TLS Readiness Check

A comprehensive set of tests to validate whether system is TLS 1.2 ready, along with tools and references to make system changes as easy as possible.


  • This will work with PowerShell versions 4 or 5.
    ( Will NOT work with PowerShell 6 a.k.a. PowerShell Core )

Online one-liner

On a Server with Internet Access, execute the following command line:

From the Run dialog [Win]+[R] (or from within cmd.exe or PowerShell Core pwsh.exe):

powershell -NoLogo -NoExit -Command "[Net.ServicePointManager]::SecurityProtocol = 'tls12'; $Max=1; iex (iwr -Uri 'https://code.lksz.me/varonis/tlscheck/raw/branch/master/tlscheck.ps1' -UseB | select -Exp Content)"

From a PowerShell prompt:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-Expression (Invoke-WebRequest -Uri 'https://code.lksz.me/varonis/tlscheck/raw/branch/master/tlscheck.ps1' -UseBasicParsing | Select-Object -ExpandProperty Content)

Offline use

For offline use, first download+ the script (tlscheck.ps1) and the XML (ReadinessChecklist.xml) files.
+ Make sure you use the RAW view of the file to save it, or just Right-Click -> Save from the link mentioned here.

Then run the script from the command prompt:

# * Required to prevent script from being considered 'Remote' when Execution-Policy is set to RemoteSigned
Unblock-File .\tlscheck.ps1

You might get an Execution Policy error:

...\tlscheck.ps1 cannot be loaded. The file C:\varonis\tlscheck.ps1 is not digitally signed. You cannot run this script on the current system.


...\tlscheck.ps1 cannot be loaded because running scripts is disabled on this system.

The complete error will look something like:

.\tlscheck.ps1 : File ...\tlscheck.ps1 cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1

  • .\tlscheck.ps1
  •   + CategoryInfo          : SecurityError: (:) [], PSSecurityException
      + FullyQualifiedErrorId : UnauthorizedAccess

If this is the case, you will need to change the `ExecutionPolicy` to `RemoteSigned`*, `Unrestricted` or `Bypass`. It's recommend you make the change in the `Process` ***scope*** only.

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
. .\tlscheck.ps1

Alternatively (as a “workaround hack”) you can load the code dynamically into a string, and invoke it with Invoke-Expression :

Invoke-Expression $(Get-Content .\tlscheck.ps1 | Out-String)