When attempting to install modules from the Powershell Gallery, you may get errors on older versions of Windows Server (2008-2012R2), even after updating PowerShell to more recent versions. The errors are concerning unable to install the NuGet provider, required to download packages from PSGallery.
Errors are similar to:
The reason for this is a problem with the cryptographic providers enabled on your system. PowerShell 5.1 enables SSL 3.0 and TLS 1.0 for secure HTTP connections, which are both deprecated in favour of TLS 1.2 and 1.3. You can verify this by running this cmdlet:
[Net.ServicePointManager]::SecurityProtocol Ssl3, Tls
To resolve the issue, enable TLS 1.2:
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
The first cmdlet enables TLS 1.2 for 64-bit .NET, the second for 32-bit .NET.
After running the cmdlets, restart Powershell (reboot of the server is not required), and re-check the enabled cryptographics:
[Net.ServicePointManager]::SecurityProtocol Tls, Tls11, Tls12
You can now proceed with installing packages. If NuGet hasn't been installed yet, it will be pulled in and installed as a dependency.