Activation of TLS 1.2 on Windows Server 2016

New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -Force | Out-Null

New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -name 'Enabled' -value '1' -PropertyType 'DWord' -Force | Out-Null

New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null

New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -Force | Out-Null

New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -name 'Enabled' -value '0' -PropertyType 'DWord' -Force | Out-Null

New-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -name 'DisabledByDefault' -value 0 -PropertyType 'DWord' -Force | Out-Null

and also, since TLS 1.2 is enabled by default since Windows 8, .NET Framework probably need to these registry values to default to Tls 1.2:

reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /f /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /reg:64  
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /f /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /reg:32  
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /f /v SchUseStrongCrypto /t REG_DWORD /d 1 /reg:64  
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /f /v SchUseStrongCrypto /t REG_DWORD /d 1 /reg:32