• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4870
  • Last Modified:

Weak SSL Ciphers & Insecure Version of SSL Protocol Accepted

On a Windows 2000 server web server i need to be able to perform the following actions.

The SSL configuration should be changed so that connections using weak (that is, less than 128-bit) encryption ciphers are rejected.

And

The SSL configuration on the listed hosts should be changed so that SSL connections using the insecure version 2 protocol are not accepted.


0
Cooker4246
Asked:
Cooker4246
2 Solutions
 
meverestCommented:
On directory security tab, click 'edit' in 'secure connections', check 'require ssl' and 'require 128 bit'

Cheers.
0
 
Dave_DietzCommented:
For the second part of your question please see the following KB article:

How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll
http://support.microsoft.com/kb/245030/en-us

And to a lesser extent:

How to control the ciphers for SSL and TLS
http://support.microsoft.com/kb/216482/en-us

Dave Dietz
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now