1 – Back up the SChannel registry settings prior to making changes, should you need to restore it.

---

2 – Install IIS Crypto 2.0 by Nartac Software (Go to link)

IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012 and 2016. It also lets you reorder SSL/TLS cipher suites offered by IIS, implement best practices with a single click and create customized security templates.

---

3 – Click on Templates and select PCI 3.1 or any other compliance-based template.

4 – Click Apply below to load the cryptography options complaint with the template you chose.

---

5 – Click on SChannel and confirm the following options are selected (Might be different based on the template you chose).

---

6 – Open your Registry Editor and navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel to confirm the Protocols, Ciphers, Hashes and key exchange algorithms are created.

---

7 – Restart the server to apply the configuration.

---