Go Premium for a chance to win a PS4. Enter to Win

x
?
SolvedPrivate

Using ServerXMLHTTP60 (MSXML) with TLS only

Posted on 2014-11-03
1
Medium Priority
?
61 Views
Last Modified: 2016-02-26
Hi,

I am using a SOAP WebService client with MSXML::ServerXMLHTTP60 component to access the web service.
How can I enforce this COM to use only TLS (and to avoid SSL 2 \ 3) when accessing the web service?

Thanks
0
Comment
Question by:Yaniv Gutman
1 Comment
 
LVL 86

Accepted Solution

by:
jkr earned 1500 total points
ID: 40419818
Well, I assuming your question is connected to POODLE (http://en.wikipedia.org/wiki/POODLE): Since all Windows security components rely on the underlying infrastructure, the SSL2/3 issue should either be fixed with the newest Windows update or taken care of by adjusting the settings. I.e. setting

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]

        "Enabled"=dword:00000000

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]

        "DisabledByDefault"=dword:00000001

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]

        "Enabled"=dword:00000000

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]

        "DisabledByDefault"=dword:00000001

Open in new window


Apart from that, this component does not seem to support any other way of option (http://msdn.microsoft.com/en-us/library/ms763811%28v=vs.85%29.aspx) to control the encryption features that can be used
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question