Recently I have been using the excellent IISCrypto tool to lock down some servers for PCI compliance. One of the main steps in this process was to close off TLS V1.0. In the past on Windows 2008R2, this was a problem as disabling it used to kill RDP services too. However on Windows 2012 boxes, the default is TLS V1.2 so you can safely do this.
The gotcha came when using web deploy to push my applications to this server, connections failed to the server. This was a client issue. By default, my Windows 10 install seems to be defaulting to TLS V1.0.
To fix the issue, a registry edit is required. Simply create a .reg file with the exact content below, run it, happy days again.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001