Altaro Physical Server Backup requires TLS 1.2 or above in order to ensure correct product functionality.


By default Windows Server 2008R2 does not have TLS 1.2 enabled. To enable Transport Layer Security (TLS) 1.2, you will need to edit registry keys on your system. You can follow the steps below to enable TLS 1.2


  1. Log in to the machine with an account that has Administrator privileges

  2. Apply all available Windows Updates

  3. Restart the machine

  4. Open the Registry Editor (Start -> Run -> enter "regedit", hit enter)
    Warning: Incorrect changes to the Registry can prevent the operating system from functioning correctly. Modifications should be done by personnel who are experienced in it's use. We strongly recommend that you back up your existing registry before proceeding.


  5. Navigate to the entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\

  6. Right click on the Protocols key and select [New] > [Key] from the drop-down menu. Name this key to 'TLS 1.2'

  7. Right click on the TLS 1.2 key and add two new keys underneath: 'Client' and 'Server'

  8. Right click on the Client key and select [New] > [DWORD (32-bit) Value] and name it to 'DisabledByDefault'

  9. Create a second DWORD for Client and name this one to 'Enabled'. Once created, right click it and select [Modify...]

  10. Ensure the Value data field is set to '1' and the Base is Hexadecimal. Then click OK

  11. Repeat steps 8 to 10 for the Server key created previously

  12. The settings for both client and server should be as shown in the screenshot below

  13. Reboot the server in order to apply the changes

  14. Altaro Physical Server Backup should now be able to work