How to disable SSL 3.0 in IE and the registry on W2008 servers

We're trying to ensure that our W2008 servers do not use SSL 3.0. I've disabled the keys under HKey Local Machine and in IE but the servers are still using SSL 3.0. There must be another setting somewhere. Any ideas?
allysonhoustonAsked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
I believe you have followed this to disable the client and server - do first close all open Internet Explorer windows and re-test @ https://technet.microsoft.com/en-us/library/security/3009008.aspx

But for the registry specifically, do check this out instead. By default, Client SSL 2.0 is disabled in Windows Server 2008, Windows Server 2008 R2, and Windows 7. This means that the computer will not use SSL 2.0 to start a Client Hello. So to disable SSLv3 protocols, see below
 @ https://support.microsoft.com/kb/245030

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Client]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000

After you do take this action, you have to restart the server.
0
 
allysonhoustonAuthor Commented:
Thank you for the clarification!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.