Apparently, Windows 11 24H2 removes the following ciphers:

• TLS_RSA_WITH_3DES_EDE_CBC_SHA

• TLS_RSA_WITH_RC4_128_SHA

• TLS_RSA_WITH_RC4_128_MD5

So, these have to be added back and enabled.

PowerShell code to add these ciphers back and enable them

You can use the following PowerShell code to add these ciphers back and enable them. After running, the script calls out that you need to reboot also for these changes to take effect.

$regPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002"
$currentCiphers = (Get-ItemProperty -Path $regPath).Functions

# Legacy cipher suites for SQL 2005
$legacySuites = @(
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_RC4_128_MD5"
)

# Add missing cipher suites to the SSL Functions list
$missing = $legacySuites | Where-Object { $_ -notin $currentCiphers }
if ($missing.Count -gt 0) {
    Write-Output "Adding missing cipher suites: $($missing -join ', ')"
    $newList = $currentCiphers + $missing
    Set-ItemProperty -Path $regPath -Name "Functions" -Value $newList
} else {
    Write-Output "All required cipher suites already present."
}

# Enable legacy cipher algorithms in SCHANNEL
$cipherPaths = @(
    "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128",
    "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128",
    "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128",
    "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128",
    "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168"
)

foreach ($path in $cipherPaths) {
    if (-not (Test-Path $path)) {
        New-Item -Path $path -Force | Out-Null
    }
    Set-ItemProperty -Path $path -Name "Enabled" -Value 1 -Type DWord
}

Write-Output "Legacy ciphers are now enabled. Please reboot to apply changes."