We help IT Professionals succeed at work.

TLS ciphers - how to disable in Windows Registry

6,944 Views
Last Modified: 2014-11-23
Hi All,

I need to disable the below ciphers.

TLSv1
      EXP-EDH-RSA-DES-CBC-SHA      Kx=DH(512)     Au=RSA      Enc=DES-CBC(40)          Mac=SHA1   export    
      EXP-DES-CBC-SHA              Kx=RSA(512)    Au=RSA      Enc=DES-CBC(40)          Mac=SHA1   export    
      EXP-RC4-MD5                  Kx=RSA(512)    Au=RSA      Enc=RC4(40)  

I know this should be done from the registry here: HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\xxxxx

However I'm not sure what the registry keys should be named to for the above ciphers, could someone help me with this?

Thanks you!
Comment
Watch Question

David Paris VicenteInfrastructure Designer

Commented:
Hi Gary,

A few weeks ago I helped another user with a similar problem here is the link, in this post I point to another link with several steps to solved a similar problem, please also check here
I hope it could help you solve your issues.

Regards
gmanInfrastructure Engineer

Author

Commented:
Thanks David,

I know how to disable the ciphers however I'm unsure of the naming conversion for the registry keys. I ran the tool you suggested 'SSLSmart' would the key's just be named the same as the cipher name. See screen.

SSL Scan result
Infrastructure Designer
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.