We help IT Professionals succeed at work.
Get Started

Disable SSL 3

406 Views
Last Modified: 2017-04-13
Hello Experts
Should we disable SSL 3 on our server?  What other programs will be affected by doing this?

I found the steps below, is this the best way to disable SSL 3?

Thanks,
cja

Microsoft IIS: How to Disable the SSL v3 Protocol

Open the Registry Editor and run it as administrator.

For example, in Windows 2012:

On the Start screen type regedit.exe.

Right-click on regedit.exe and click Run as administrator.

In the Registry Editor window, go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\

Windows Registry Key

In the navigation tree, right-click on Protocols, and in the pop-up menu, click New > Key.

Windows Registry Key

Name the key, SSL 3.0.

In the navigation tree, right-click on the new SSL 3.0 key that you just created, and in the pop-up menu, click New > Key.

Windows Registry Key

Name the key, Client.

In the navigation tree, right-click on the new SSL 3.0 key again, and in the pop-up menu, click New > Key.

Windows Registry Key

Name the key, Server.

In the navigation tree, under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value.

Windows Registry Key

Name the value DisabledByDefault.

In the navigation tree, under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value.

Windows Registry Key

In the Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1 and then, click OK.

In the navigation tree, under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value.

Windows Registry Key

Name the value Enabled.

In the navigation tree, under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value.

Windows Registry Key

In the Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0 and then, click OK.

Restart your Windows server.

You have successfully disabled the SSL v3 protocol.
Comment
Watch Question
Datacenter platform engineer Lindows
CERTIFIED EXPERT
Commented:
This problem has been solved!
Unlock 1 Answer and 6 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE