MSXML2.ServerXMLHTTP and TLS1.2

Okay, so most webservers now have TLS 1.0 and 1.1 disabled, which of course causes code to fail. Also the case for a classic ASP script using MSXML2.ServerXMLHTTP, so Google to the rescue and found this:

It was, surprisingly, easy to convert my existing code in the actual application to use WinHTTP, which appears to work properly enforcing TLS 1.2 on all calls from XP POSReady and Windows 10 (the OS’s where this application will be deployed).

While this isn’t an answer as to why POSReady and XMLServerHTTP calls try to use TLS 1.0 on the first call (despite the registry stating that’s not desirable), it is an acceptable workaround.

For others who may stumble upon this and are hesitant, converting my code was as simple as this:

Set XMLReceive = CreateObject("Msxml2.DOMDocument.6.0")
Set XMLServer = CreateObject("Msxml2.ServerXMLHTTP.6.0")
XMLServer.setTimeouts ResolveTimeoutMs, ConnectTimeoutMs, SendTimeoutMs, ReceiveTimeoutMs

XMLServer.setRequestHeader "User-Agent", "My XML App V1.0"
XMLServer.setRequestHeader "Content-type", "text/xml"
XMLServer.Open "POST", Server_Address, False
XMLServer.send (My_XML_Request_String_or_XML_Document)
Failure = (XMLServer.Status <> 200)
If Not Failure Then XMLReceive.loadXML (XMLServer.ResponseXML.XML)

to:

Set XMLServer = CreateObject("WinHttp.WinHttpRequest.5.1")
Set XMLReceive = CreateObject("Msxml2.DOMDocument.6.0")
XMLServer.setTimeouts ResolveTimeoutMs, ConnectTimeoutMs, SendTimeoutMs, ReceiveTimeoutMs

'force TLS 1.2
XMLServer.Option(9) = 2048
XMLServer.Option(6) = True

XMLServer.Open "POST", Server_Address, False
XMLServer.setRequestHeader "User-Agent", "My XML App V1.0"
XMLServer.setRequestHeader "Content-type", "text/xml"
XMLServer.send (My_XML_Request_String_or_XML_Document)
Failure = (XMLServer.Status <> 200)
If Not Failure Then XMLReceive.loadXML (XMLServer.ResponseText)

Good luck!