Solved

How to disable SSL 3.0 in IE and the registry on W2008 servers

Posted on 2015-01-21
2
586 Views
Last Modified: 2015-01-22
We're trying to ensure that our W2008 servers do not use SSL 3.0. I've disabled the keys under HKey Local Machine and in IE but the servers are still using SSL 3.0. There must be another setting somewhere. Any ideas?
0
Comment
Question by:allysonhouston
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40563673
I believe you have followed this to disable the client and server - do first close all open Internet Explorer windows and re-test @ https://technet.microsoft.com/en-us/library/security/3009008.aspx

But for the registry specifically, do check this out instead. By default, Client SSL 2.0 is disabled in Windows Server 2008, Windows Server 2008 R2, and Windows 7. This means that the computer will not use SSL 2.0 to start a Client Hello. So to disable SSLv3 protocols, see below
 @ https://support.microsoft.com/kb/245030

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Client]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000

After you do take this action, you have to restart the server.
0
 

Author Closing Comment

by:allysonhouston
ID: 40564110
Thank you for the clarification!
0

Featured Post

Increase your protection from Zero Day threats!

Running two Antivirus' is never a good idea.
Taking advantage of Multiple Security layers on the other hand can often save your hide.
See which top notch security software brands have been proven to happily coexist together.
Reduce your chances of becoming a statistic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PCI scan - CIFS NULL Session Permitted 10 227
Password reset 1 54
Rensome / malware protection 9 117
Utility/method to unlock Win 10 OS 8 107
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question