We help IT Professionals succeed at work.

PCT 1.0 and Disable SSL 2.0 Server 2008 x64

Medium Priority
2,821 Views
Last Modified: 2013-11-29
Not that I should be surprised but I cannot find PCT 1.0 or the other settings required to disable SSL 2.0 on my Server 2008 x64 with IIS 7.0.  According to Microsoft, http://support.microsoft.com/kb/187498 , I should see all sorts of Keys in the registry under HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols or lord knows where because the KB is USELESS!!!   Does anyone know what settings, what the keys are etc. to disable SSL 2.0 on Windows 2008 Server.  I need SSL but I can't be running 2.0 to pass site certification for PCI.
Comment
Watch Question

Cryptographic Engineer
CERTIFIED EXPERT
Commented:
You may need to add the entries to the registry so you can disable them.  Here's a quick article to save some typing:
http://forums.iis.net/t/1151822.aspx

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
You rock!  If only the posts on this subject could be clear!  All one needs to do is add the registry keys, funny thats not mentioned in the article, just that you might need to edit them.  Which of course leads one to believe something is missing when the keys aren't there.  Just like your post says of the incredibly lame KB tries to say, add the registry key listed in the KB that you need to disable....in this case  HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server and add the DWORD to disable it.  Yes in Windows Server 2008 Standard x64 NONE of these keys are there, you need to add everything below Protocols!

To become PCI Compliant, assuming the only error you have is SSL 2.0 you need to add the above mentioned key (HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server) add the DWORD Enabled set it to 0 and reboot.  You will suddenly pass! and SSL will continue to work, just not version 2.0
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.