Google Chrome – Force TLS 1.1 Support
Chrome://flags/ is the latest and easiest way to set the minimum protocol version in Chrome. Google hangs a red warning over using flags – however, our testing has yielded positive results.
Under “Minimum SSL/TLS version supported.”, change from “Default” to “TLS 1.1″.
Then press the “Relaunch Now” button at the bottom of the page.
Unlike IE and Firefox, Chrome can be made to use TLS 1.1/1.2 by a command-line switch – an argument added to the string that opens up the browser. This can be implemented by setting up a shortcut, but note that ONLY starting Chrome from this shortcut will prevent use of insecure protocols.
To create a secure shortcut:
1. Right-click on your desktop and select “New”, then “Shortcut”.
2. In the “Create Shortcut” panel, browse to the location of your Chrome installation and select the Chrome icon – the default location is:
“C:Program Files (x86)GoogleChromeApplicationchrome.exe”
3. Add the following command line switch –ssl-version-min=tls1.1 after the item location (i.e., after the ending quote) to appear thus:
“C:Program Files (x86)GoogleChromeApplicationchrome.exe” –ssl-version-min=tls1.1
Make sure and separate the switch from the location with a space.
4. Name the shortcut (SSL.com suggests giving it a unique name which will remind you that this shortcut is secure) and click “Finish”.
5. Again, the only way to be certain that your Chrome session is secure will be using your new shortcut.