This may or may not apply, but here is what I had done to overcome one of these errors that clients saw after we attempted to update the TLS 1.2 protocol on the Servers in prep for a UPS update.
Here's the Registry Key that I was accessing: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\
Then, within that location, there are sub-keys for PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1 & TLS 1.2. Within each of those sub-keys, there are sub-keys called Client and Server.
Each of these final sub-keys (Client & Server) contains a REG_DWORD entry for DisableByDefault & Enabled. I just copied over those values from WEB1 to WEB2. Here are the values as they stand currently:
PCT 1.0
Client:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
Server:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
SSL 2.0
Client:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
Server:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
SSL 3.0
Client:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
Server:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
TLS 1.0
Client:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
Server:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
TLS 1.1
Client:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
Server:
DisableByDefault - 0x00000000 (0)
Enabled - 0x00000001 (1)
TLS 1.2
Client:
DisableByDefault - 0x00000001 (1)
Enabled - 0x00000001 (1)
Server:
DisableByDefault - 0x00000001 (1)
Enabled - 0x00000001 (1)
* Microsoft Document link: https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings