Windows Server 2022 with TLS 1.3 and HTTP/3 or QUIC Protocols

At this time, ProductCart has not been validated on Windows Server 2022 with TLS 1.3 and HTTP/3 or QUIC protocols. We are in the process of setting up a test bed for this exact configuration and this may take some time to complete.

If you happen to have enabled these features on your server and it is causing errors like you not being able to log into your ProductCart Control Panel or you get a webpage in a browser with this error:

"[Your_Website] redirected your too many times. Try Clearing Your Cookies. ERR_TOO_MANY_REDIRECTS"

where [Your_Website] is your store domain, our recommendation is to disable the TLS 1.3  & QUIC protocol on the server by setting the following registry values to 0 and restarting the server:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters\EnableHttp3
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters\EnableAltSvc

To provide the highest supported level of TLS security on the server, our recommendation is to use the IISCrypto tool which can be downloaded at https://www.nartac.com/Products/IISCrypto/Download. Download the GUI version. Run it and click the "Best Practices" button at the bottom, then Apply. This will disable TLS 1.0/1.1 and reorder the cipher suites to meet current best practices. You can backup your settings prior to making any changes on the Advanced tab.

Both of these operations can be performed one after the other, then restart the server, and that should revert the server back to TLS 1.2 support.