Enable and Use TLS 1.3 Protocol to Send Email on Windows 10 and Windows 11¶

Send Email over TLS 1.3¶

You don’t have to set any property to enable TLS 1.3 encryption. If your server requires TLS 1.3 encryption, TLS 1.3 encryption is used automatically with ConnectSSLAuto, ConnectSTARTTLS or ConnectDirectSSL.

But you must set EnabledSslProtocols property to SslProtocols.None to let system use TLS 1.3 protocol automatically. For ActiveX version, you don’t have to set any property.

// add this line before calling SendMail method.
smtp.EnabledSslProtocols = SslProtocols.None;
smtp.SendMail(server, mail);

// You can use LastUsedSslProtocol to detect what TLS version is used.
Console.WriteLine(smtp.LastUsedSslProtocol.ToString());

Here are some online examples:

.NET framework:

• Send Email over SSL/TLS in C#
• Send Email over SSL/TLS in VB.NET
• Send Email over SSL/TLS in C++/CLI

ActiveX Object:

• Send Email over SSL/TLS in VB6.0/VBA/VBScript
• Send Email over SSL/TLS in Delphi
• Send Email over SSL/TLS in Visual C++

Enable TLS 1.3 on Windows 10¶

Add/merge the following registry keys to enable TLS 1.3

Put the following content to a file named Tls13.reg, right-click this file -> Merge -> Yes.

You can also download it from https://www.emailarchitect.net/webapp/download/tls13.zip.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001

Enable TLS 1.3 on Windows 11¶

Windows 11 has enabled TLS 1.3 by default, you don’t have to do anything to enable TLS 1.3 on Windows 11.

Enable TLS Strong Encryption Algorithms in .NET 2.0 and .NET 4.0¶

Add/merge the following registry keys

Put the following content to a file named NetStrongEncrypt.reg, right-click this file -> Merge -> Yes. You can also download it from https://www.emailarchitect.net/webapp/download/NetStrongEncrypt.zip.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001