In order to use Transport Layer Security (TLS) with EmpowerID, you must apply Microsoft patches to the SQL server and client machines, and add registry settings to the EmpowerID server and client machines.
Prerequisites
The .NET Framework version 4.5 or higher must be installed on the EmpowerID server.
To configure the EmpowerID server machine
From the Start menu, open the Registry Editor (regedit).
You only need to install this patch on Windows 7 or Windows 2012 R2 client machines from which the user wants to connect remotely using Privileged Session Manager (PSM) to a machine with TLS 1.x.
From the Start menu, open the Registry Editor (regedit).
If the TLS 1.1 or Server or Client subkeys do not exist under the Protocols key, add them by right-clicking the parent key and selecting New, then Key, and entering the key name.
Right-click Client, select New, then DWORD (32-bit) Value, and set the Value name to DisabledByDefault. (Leave the Value data to the default value of 0.)