troubleshooting Question

Disable SSL 3

Avatar of cja-tech-guy
cja-tech-guyFlag for United States of America asked on
Windows OSSSL / HTTPSGolang
6 Comments1 Solution407 ViewsLast Modified:
Hello Experts
Should we disable SSL 3 on our server?  What other programs will be affected by doing this?

I found the steps below, is this the best way to disable SSL 3?

Thanks,
cja

Microsoft IIS: How to Disable the SSL v3 Protocol

Open the Registry Editor and run it as administrator.

For example, in Windows 2012:

On the Start screen type regedit.exe.

Right-click on regedit.exe and click Run as administrator.

In the Registry Editor window, go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\

Windows Registry Key

In the navigation tree, right-click on Protocols, and in the pop-up menu, click New > Key.

Windows Registry Key

Name the key, SSL 3.0.

In the navigation tree, right-click on the new SSL 3.0 key that you just created, and in the pop-up menu, click New > Key.

Windows Registry Key

Name the key, Client.

In the navigation tree, right-click on the new SSL 3.0 key again, and in the pop-up menu, click New > Key.

Windows Registry Key

Name the key, Server.

In the navigation tree, under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value.

Windows Registry Key

Name the value DisabledByDefault.

In the navigation tree, under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value.

Windows Registry Key

In the Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1 and then, click OK.

In the navigation tree, under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value.

Windows Registry Key

Name the value Enabled.

In the navigation tree, under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value.

Windows Registry Key

In the Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0 and then, click OK.

Restart your Windows server.

You have successfully disabled the SSL v3 protocol.
ASKER CERTIFIED SOLUTION
Patrick Bogers
Datacenter platform engineer Lindows

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 6 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 6 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros