Disabling TLS 1.0 breaks ASP.NET application
If you are using .net 4.7 or higher try this.
I have used IIS Crypto for this. You disable TLS 1.0 and 1.1, apply and restart. After this all your applications, SharePoints and sites will use TLS 1.2
You should also indicate the destination version in your web.config file
<system.web> <httpRuntime targetFramework = "4.7.2" /> <compilation targetFramework = "4.7.2"> </compilation> </system.web>
This will make it support TLS 1.2 and also always force this protocol.
Your site could be communicating with something over SSL that doesn't support TLS 1.1+. You could allow outgoing TLS 1.0 connections which the site scanner wouldn't see, but these connections would be less secure.
The application itself must be updated to support TLS 1.2 handshakes, so it's not something you can necessarily change if you only have access to configuration. If the underlying code does not support it, it will not work.
If the code targets .NET 4.6, I believe, TLS 1.2 will work natively. In 4.5, a line of code must be put in place such that it is executed before any networking occurs. The code:
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12