Skip to main content

Enabling TLS 1.2 for Method Sync Engine

If Method Sync Engine cannot connect, TLS 1.2 may need to be enabled for older Windows machines.

Updated over 2 weeks ago

If you are using an older Microsoft Windows machine or server, you may need to migrate to the latest Transport Layer Security (TLS 1.2) protocol. Failing to do so will result in errors or failed authentications in the Method Sync Engine for QuickBooks Desktop.

Please consult the below chart to see if your platform needs to have TLS 1.2 enabled. For more information on supported versions, please see Microsoft's article, Protocols in TLS/SSL (Schannel SSP).

Windows Version

TLS Version

Windows 8.1 / 10

TLS 1.2 should be enabled by default. You should still check if it is.

Windows 11

Check if TLS 1.2 is enabled.

Windows 7

Deprecated TLS. Must upgrade to TLS 1.2.

Windows Server
2022 / 2019 / 2016

Check if TLS 1.2 is enabled.

Windows Server 2012R2

Check if TLS 1.2 is enabled.

Windows Server
​2008R2 / 2012

Deprecated TLS. Must upgrade to TLS 1.2.

Windows XP and Vista

Does not support TLS 1.2. Must upgrade Windows.

NOTE: Every system has its own configuration settings and environment variables. The provided instructions are meant to be as generic as possible, but may not apply in every case. Customers may need to consult their IT administrator or system provider if issues persist.

Check if TLS 1.2 is enabled

To verify whether TLS 1.2 is already enabled on a Windows system, follow one of these methods:

Method 1: Check via Registry Editor

  1. Open Run (Win + R), type regedit, and press Enter.

  2. Navigate to: 

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client

  3. Look for the following values:

    • DisabledByDefault should be 0.

    • Enabled should be 1.

  4. Repeat the same steps for:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server

Method 2: Check via PowerShell

  1. Open PowerShell as Administrator.

  2. Run the following command:

    [Net.ServicePointManager]::SecurityProtocol

  3. If TLS 1.2 is enabled, you should see Tls12 in the output.

Method 3: Check via Internet Options

  1. Open Run (Win + R), type inetcpl.cpl, and press Enter.

  2. Go to the Advanced tab.

  3. Scroll down to the Security section.

  4. Ensure Use TLS 1.2 is checked.

If none of these methods confirm TLS 1.2 is enabled, you may need to manually enable it.

Enable TLS 1.2

To enable TLS 1.2 on older Windows operating systems, follow these steps:

Windows 11

While Windows 11 typically enables TLS 1.2 by default, some systems may require it to be manually enabled. Follow the steps below to ensure TLS 1.2 is enabled:

Step 1: Enable TLS 1.2 via Internet Options

  1. Press Windows + R on your keyboard.

  2. Type inetcpl.cpl and press Enter.

  3. In the Internet Properties window, go to the Advanced tab.

  4. Scroll down to the Security section.

  5. Make sure the checkbox for "Use TLS 1.2" is checked.

  6. Click Apply, then OK.

Step 2: Enable TLS 1.2 via the Registry (for system-wide use)

This step should be performed by an IT administrator. Please back up your registry before making any changes.

  1. Press Windows + R, type regedit, and press Enter.

  2. Navigate to: 

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

  3. Right-click on Protocols, select New > Key, and name it TLS 1.2.

  4. Inside the TLS 1.2 folder, create another key and name it Client.

  5. Inside the Client key, add two new DWORD (32-bit) Values:

    • Enabled β†’ set value to 1

    • DisabledByDefault β†’ set value to 0

  6. (Optional) Repeat steps 4 and 5 to create a Server key if needed.

  7. Final Step: Restart your computer to apply the changes.

Windows 8.1 and Windows Server 2012 R2

TLS 1.2 is enabled by default, but if disabled, you can manually enable it via Internet Options:

  1. Open Run (Win + R), type inetcpl.cpl, and press Enter.

  2. Go to the Advanced tab.

  3. Scroll down and check Use TLS 1.2.

  4. Click Apply and OK.

Windows 7 and Windows Server 2008 R2

  1. Ensure Service Pack 1 is installed on Windows 7.

  2. Download and install KB3140245 from the Microsoft Update Catalog.

  3. Install the Microsoft Easy Fix 51044 to add registry options for enabling TLS 1.2.

  4. Modify the registry settings for 

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client

    • Set DisabledByDefault to 0

    • Set Enabled to 1

  5. Modify the registry settings for 

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server

    • Set DisabledByDefault to 0

    • Set Enabled to 1

  6. Enable TLS 1.2 for WinHTTP API applications:

    • Add DefaultSecureProtocols = 0x00000A00 to 

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

  7. Restart your computer to apply the changes.

Windows XP and Vista [Not Supported]

Unfortunately, TLS 1.2 is not supported on Windows XP and Vista.

For more details, check out Microsoft's official guide or this comprehensive solution.

Did this answer your question?