Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

PCT 1.0 and Disable SSL 2.0 Server 2008 x64

Posted on 2009-02-09
2
Medium Priority
?
2,743 Views
Last Modified: 2013-11-29
Not that I should be surprised but I cannot find PCT 1.0 or the other settings required to disable SSL 2.0 on my Server 2008 x64 with IIS 7.0.  According to Microsoft, http://support.microsoft.com/kb/187498 , I should see all sorts of Keys in the registry under HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols or lord knows where because the KB is USELESS!!!   Does anyone know what settings, what the keys are etc. to disable SSL 2.0 on Windows 2008 Server.  I need SSL but I can't be running 2.0 to pass site certification for PCI.
0
Comment
Question by:acasgar
2 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 2000 total points
ID: 23594930
You may need to add the entries to the registry so you can disable them.  Here's a quick article to save some typing:
http://forums.iis.net/t/1151822.aspx
0
 
LVL 2

Author Comment

by:acasgar
ID: 23600131
You rock!  If only the posts on this subject could be clear!  All one needs to do is add the registry keys, funny thats not mentioned in the article, just that you might need to edit them.  Which of course leads one to believe something is missing when the keys aren't there.  Just like your post says of the incredibly lame KB tries to say, add the registry key listed in the KB that you need to disable....in this case  HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server and add the DWORD to disable it.  Yes in Windows Server 2008 Standard x64 NONE of these keys are there, you need to add everything below Protocols!

To become PCI Compliant, assuming the only error you have is SSL 2.0 you need to add the above mentioned key (HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server) add the DWORD Enabled set it to 0 and reboot.  You will suddenly pass! and SSL will continue to work, just not version 2.0
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Dropbox has a relatively new feature called Smart Sync.  This feature allows Dropbox Professional (not plus) and Dropbox Business (if enabled) users to store information in Dropbox WITHOUT storing any files on their computer.
MS Outlook undoubtedly is the most widely used email client.Its user-friendliness, cost effectiveness, and availability with Microsoft Office Suite make it the most popular email application.  Its compatibility with Microsoft applications like Exch…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Suggested Courses

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question