Supportability of XBAP + ClientFormsAuthenticationMembershipProvider + WCF Message Security + TLS 1.2-only in IE11 / PresentationHost.exe (.NET 4.8)

We are troubleshooting the following architecture scenario:

Client: XBAP application (.xbap) running in IE11 / PresentationHost.exe on Windows Server 2022

WCF Service Binding: wsHttpBinding with Security mode="Message" (certificate used for encryption)

XBAP uses ClientFormsAuthenticationMembershipProvider for login/authentication

TLS Configuration:

DotNET TLS Settings-

     App.config (
     
           Progrmatically enable the TLS 1.2 in XBAP(System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12)
           
              TLS 1.2 enabled and enforced (TLS 1.0 and TLS 1.1 explicitly disabled via SCHANNEL registry)
              
                 Cipher Suites modern and in compliance with Windows guidelines ("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002"))
                 
                 Certificates used for Message security: 2048-bit RSA with SHA-256
                 
                  XBAP Client and web Server can access certificate private key
                 

Observed issue:

When operating in TLS 1.2-only mode, the WCF Message Security negotiation fails with the following error:

System.ServiceModel.Security.SecurityNegotiationException: SOAP security negotiation failed. ---> System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm.

If TLS 1.0 is enabled, the same application works successfully.

Questions:

1. Why is this scenario not working with TLS 1.2 only mode?
2. Are there any guidance and documents to handle this for production deployments?