-
Notifications
You must be signed in to change notification settings - Fork 8
SChannelProtocolServer
dscbot edited this page Mar 31, 2026
·
1 revision
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| IsSingleInstance | Key | System.String | Specifies that the resource is a single instance resource. | Yes |
| ProtocolsDefault | Write | System.String[] | The protocols that should be in default state. |
Ssl2, Ssl3, Tls, Tls11, Tls12, Tls13, DTls1, DTls12
|
| ProtocolsDisabled | Write | System.String[] | The protocols that should be disabled. |
Ssl2, Ssl3, Tls, Tls11, Tls12, Tls13, DTls1, DTls12
|
| ProtocolsEnabled | Write | System.String[] | The protocols that should be enabled. |
Ssl2, Ssl3, Tls, Tls11, Tls12, Tls13, DTls1, DTls12
|
| RebootWhenRequired | Write | System.Boolean | Reboot the machine if required to apply the changes. | |
| Reasons | Read | SChannelReason[] | Returns the reason a property is not in desired state. |
This DSC Resource manages the enabled, disabled, and default protocols for the server side of SCHANNEL. It inherits from SChannelProtocolBase which has properties for managing the protocols and a property for rebooting when required. The compliance part (audit via Azure Policy) of Azure AutoManage Machine Configuration uses the properties of this resource to check if the server side SCHANNEL protocols are in the desired state.
This example shows how to enable the SSL v3.0 protocol.
Configuration Example
{
param ()
Import-DscResource -ModuleName SChannelDsc
node localhost
{
SChannelProtocolServer EnableSSLv3
{
IsSingleInstance = 'Yes'
ProtocolsEnabled = 'Ssl3'
}
}
}This example shows how to disable the SSL v3.0 protocol.
Configuration Example
{
param ()
Import-DscResource -ModuleName SChannelDsc
node localhost
{
SChannelProtocolServer DisableSSLv3
{
IsSingleInstance = 'Yes'
ProtocolsDisabled = 'Ssl3'
}
}
}This example shows how to reset the SSL v3.0 protocol to the OS default.
Configuration Example
{
param ()
Import-DscResource -ModuleName SChannelDsc
node localhost
{
SChannelProtocolServer ResetSSLv3
{
IsSingleInstance = 'Yes'
ProtocolsDefault = 'Ssl3'
}
}
}