How to Change the TLS Version PowerShell Uses

Depending on the version of Windows, you might run into an issue where PowerShell uses an older TLS version, which can cause errors. Recently, there's been an industry-wide push, including by Microsoft, to require TLS 1.2 for secure communications. Even if you configure system-wide TLS versions using a tool like IISCrypto, PowerShell could still be configured to use an older and weaker protocol. Some of the errors you might see are:

WARNING: Unable to download the list of available providers. Check your internet connection.
WARNING: Unable to resolve package source ‘https://www.powershellgallery.com/api/v2’.
Find-Package : No match was found for the specified search criteria and package name

To verify the TLS version in PowerShell, run this command:

[Net.ServicePointManager]::SecurityProtocol

It should output something like:
PS C:\> [Net.ServicePointManager]::SecurityProtocol
Ssl3, Tls

In this example, PowerShell is configured to use only SSL 3.0 and TLS 1.0.

To change the TLS version in PowerShell to TLS 1.2 only, run this command:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

If you need to revert, enclose the values in single quotes and separate them with commas, like this:

[System.Net.ServicePointManager]::SecurityProtocol = 'Tls, Tls11, Tls12'

If your system or server has .NET 4.7 or newer, the above commands could return a value of SystemDefault, which means it could use any available protocols on the system. It is a current security best practice to force TLS 1.2 using the above command.
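
The steps above combined into one function: it records the current value, notes whether it was SystemDefault or included SSL 3.0 or TLS 1.0, and then sets TLS 1.2. This is an added example, not code from the original article; the function name Set-SessionTlsPolicy and the -AllowTls11 switch are assumptions made for illustration.

```powershell
# Added example: harden the TLS setting for this session and report what changed.
function Set-SessionTlsPolicy {
    [CmdletBinding()]
    param(
        # Hypothetical switch: also keep TLS 1.1 for a legacy endpoint that needs it.
        [switch]$AllowTls11
    )

    $before = [Net.ServicePointManager]::SecurityProtocol

    # SystemDefault has the numeric value 0; compare as int so this also
    # runs on .NET versions older than 4.7, where the enum member is absent.
    $wasSystemDefault = ([int]$before -eq 0)

    # Record which legacy protocols were enabled before the change.
    $legacy = foreach ($name in 'Ssl3', 'Tls') {
        $flag = [int][Net.SecurityProtocolType]$name
        if (([int]$before -band $flag) -ne 0) { $name }
    }

    # Build the allowed set: TLS 1.2, plus TLS 1.1 only when asked for.
    $wanted = [Net.SecurityProtocolType]::Tls12
    if ($AllowTls11) {
        $wanted = $wanted -bor [Net.SecurityProtocolType]::Tls11
    }
    [Net.ServicePointManager]::SecurityProtocol = $wanted

    # Return a before/after record that can be logged or inspected.
    [pscustomobject]@{
        Before           = $before
        After            = [Net.ServicePointManager]::SecurityProtocol
        WasSystemDefault = $wasSystemDefault
        LegacyRemoved    = @($legacy) -join ', '
    }
}

Set-SessionTlsPolicy | Format-List
```

The ServicePointManager setting lives in the current PowerShell process only, so it has to be reapplied in each new session, for example from a profile script.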