Solved

How to enable TLS V 1.0 on Windows 2008 Server

Posted on 2014-11-19
3
387 Views
Last Modified: 2015-03-05
Hello Team,

Can someone guide me on how to enable TLS V 1.0 on my windows 2008 R2 server. I just disabled SSL 2.0 and was told by our security expert I should have TLS V 1.0 enabled instead.

Thank you.
0
Comment
Question by:exTechnology
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 58

Assisted Solution

by:Gary
Gary earned 333 total points
ID: 40452594
It shouldn't be disabled to start with
v3 will be used, falling back to v2 and then to v1
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 333 total points
ID: 40452608
You can test it here
https://www.ssllabs.com/ssltest/index.html

When it's finished look under Configuration > Protocols
TLS v1, v2 and v3 should be "Yes" and the SSL versions should be "No"
0
 
LVL 4

Accepted Solution

by:
FrankCrast earned 167 total points
ID: 40456979
Hello, you should also disable SSL v3 in addition to v2. Check out articles below that can help with steps needed to enable TLS 1.0, 1.1, and 1.2 as well.

Mitigating SSL v3: https://technet.microsoft.com/en-us/library/security/3009008.aspx

Details for adding support for TLS 1.0/1.1/1.2: How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll: http://support.microsoft.com/kb/245030 

Poodle attack (due to SSL vulnerability): http://www.scmagazine.com/mitm-attacks-can-force-a-downgrade-to-ssl-30/article/377513/

Hope this helps.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question