Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Weak SSL Ciphers & Insecure Version of SSL Protocol Accepted

Posted on 2007-11-30
2
Medium Priority
?
4,847 Views
Last Modified: 2012-06-27
On a Windows 2000 server web server i need to be able to perform the following actions.

The SSL configuration should be changed so that connections using weak (that is, less than 128-bit) encryption ciphers are rejected.

And

The SSL configuration on the listed hosts should be changed so that SSL connections using the insecure version 2 protocol are not accepted.


0
Comment
Question by:Cooker4246
2 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 500 total points
ID: 20385482
On directory security tab, click 'edit' in 'secure connections', check 'require ssl' and 'require 128 bit'

Cheers.
0
 
LVL 34

Assisted Solution

by:Dave_Dietz
Dave_Dietz earned 500 total points
ID: 20409216
For the second part of your question please see the following KB article:

How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll
http://support.microsoft.com/kb/245030/en-us

And to a lesser extent:

How to control the ciphers for SSL and TLS
http://support.microsoft.com/kb/216482/en-us

Dave Dietz
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question