Basic replacement for Get-TlsCipherSuite for older OS versions.

Get-TlsCipherSuite.ps1

Function Get-TlsCipherSuite {
    <#
    .DESCRIPTION
    Get a list of enabled TLS cipher suites for the server.
    This is like the Get-TlsCipherSuite cmdlet but works on older Windows
    versions.
    #>
    [OutputType([string])]
    param ()

    Add-Type -Namespace Bcrypt -Name Native -MemberDefinition @'
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_CONTEXT_FUNCTIONS
{
    public int cFunctions;
    public IntPtr rpgszFunctions;
}

[DllImport("Bcrypt.dll", EntryPoint = "BCryptEnumContextFunctions", CharSet = CharSet.Unicode)]
private static extern int NativeBCryptEnumContextFunctions(
    int dwTable,
    string pszContext,
    int dwInterface,
    ref int pcbBuffer,
    ref IntPtr ppBuffer);

public static IntPtr BCryptEnumContextFunctions(string context, int interfaceId)
{
    int length = 0;
    IntPtr buffer = IntPtr.Zero;
    int res = NativeBCryptEnumContextFunctions(
        1, // CRYPT_LOCAL
        context,
        interfaceId,
        ref length,
        ref buffer);
    if (res != 0)
    {
        throw new System.ComponentModel.Win32Exception(res);
    }

    return buffer;
}

[DllImport("Bcrypt.dll")]
public static extern void BCryptFreeBuffer(
    IntPtr pvBuffer);
'@

    $NCRYPT_SCHANNEL_INTERFACE = 0x00010002
    $buffer = [Bcrypt.Native]::BCryptEnumContextFunctions("SSL", $NCRYPT_SCHANNEL_INTERFACE)
    try {
        $context = [System.Runtime.InteropServices.Marshal]::PtrToStructure($buffer, [type][Bcrypt.Native+CRYPT_CONTEXT_FUNCTIONS])
        $cipherPtr = $context.rpgszFunctions
        for ($i = 0; $i -lt $context.cFunctions; $i++) {
            [System.Runtime.InteropServices.Marshal]::PtrToStringUni(
                [System.Runtime.InteropServices.Marshal]::ReadIntPtr($cipherPtr))
            $cipherPtr = [IntPtr]::Add($cipherPtr, [IntPtr]::Size)
        }
    }
    finally {
        [Bcrypt.Native]::BCryptFreeBuffer($buffer)
    }
}