Solved

Weak SSL Ciphers & Insecure Version of SSL Protocol Accepted

Posted on 2007-11-30
2
4,825 Views
Last Modified: 2012-06-27
On a Windows 2000 server web server i need to be able to perform the following actions.

The SSL configuration should be changed so that connections using weak (that is, less than 128-bit) encryption ciphers are rejected.

And

The SSL configuration on the listed hosts should be changed so that SSL connections using the insecure version 2 protocol are not accepted.


0
Comment
Question by:Cooker4246
2 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 125 total points
ID: 20385482
On directory security tab, click 'edit' in 'secure connections', check 'require ssl' and 'require 128 bit'

Cheers.
0
 
LVL 34

Assisted Solution

by:Dave_Dietz
Dave_Dietz earned 125 total points
ID: 20409216
For the second part of your question please see the following KB article:

How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll
http://support.microsoft.com/kb/245030/en-us

And to a lesser extent:

How to control the ciphers for SSL and TLS
http://support.microsoft.com/kb/216482/en-us

Dave Dietz
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now