SolvedPrivate

Using ServerXMLHTTP60 (MSXML) with TLS only

Posted on 2014-11-03
1
34 Views
Last Modified: 2016-02-26
Hi,

I am using a SOAP WebService client with MSXML::ServerXMLHTTP60 component to access the web service.
How can I enforce this COM to use only TLS (and to avoid SSL 2 \ 3) when accessing the web service?

Thanks
0
Comment
Question by:Yaniv Gutman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 86

Accepted Solution

by:
jkr earned 500 total points
ID: 40419818
Well, I assuming your question is connected to POODLE (http://en.wikipedia.org/wiki/POODLE): Since all Windows security components rely on the underlying infrastructure, the SSL2/3 issue should either be fixed with the newest Windows update or taken care of by adjusting the settings. I.e. setting

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]

        "Enabled"=dword:00000000

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]

        "DisabledByDefault"=dword:00000001

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]

        "Enabled"=dword:00000000

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]

        "DisabledByDefault"=dword:00000001

Open in new window


Apart from that, this component does not seem to support any other way of option (http://msdn.microsoft.com/en-us/library/ms763811%28v=vs.85%29.aspx) to control the encryption features that can be used
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
Businesses who process credit card payments have to adhere to PCI Compliance standards. Here’s why that’s important.
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question