I've been asked to look at a server for a customer as they are having trouble getting TLS 1.1 or 1.2 support to work. Their server integrates with a payment provider who will be requiring 1.2 soon.
According to Microsoft, this should be supported since they released update 4019276. https://support.microsoft.com/en-us/help/4019276/update-to-add-support-for-tls-1-1-and-tls-1-2-in-windows
However, Windows Update does not seem to list this update, and attempting to install manually just returns "The update does not apply to your system"
I'm at a loss as to why this update refuses to install.
Edit: Answering some questions from the first answer
- The update does not appear to be installed unless there's something broken causing it to not appear in Programs/Features
- The requirements for the update list only SP2 which is installed
- The customer is using IISCrypto to manage settings but this does not list 1.1 or 1.2 as an option.
Did you check if the update was maybe already installed (under installed updates)?
If you checked and it's not there: Are there dependencies unresolved? Also, when you tried to manually install it, did you download the right version? Check here: http://www.catalog.update.microsoft.com/search.aspx?q=kb4019276
Another thing is, that Windows Server 2008 does not activate TLS 1.2 by default just because it's installed (and yes that is a bad thing). Had to find this out the hard way.
You have to activate TLS support in the Registry. Luckily, there is a free tool for that, IISCrypto, which lets you set Protocols and Ciphers:
https://www.nartac.com/Products/IISCrypto
Finally just a hint: Win Server 2008 SP2 is reaching end of life in January 2020, so prepare for that.