SSL for W2K Server

nickpoulos
nickpoulos used Ask the Experts™
on
I am hosting a website (popswine.com) on a W2K server. There is a valid SSL but our customers are getting "site not secure" errors with the implementation of the new browser rules.

Is there a fix and/or a SSL that will run on a W2K server.

We are planning an update but I'm looking for a "band-aid" if one exists.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Business Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
That server is so far out of date that it will not and cannot keep up with current security. Move up your upgrade plans to today.

Author

Commented:
Tried moving it to W2003, W2008 & W2012. Unfortunately code doesn't work well so it looks like a re-write will be necessary
btanExec Consultant
Distinguished Expert 2018
Commented:
You can try out the SSLTest to help surface the weak areas. I presume your website is "www.popswine.com". If you look at the score, it is actually quite bad - https://www.ssllabs.com/ssltest/analyze.html?d=www.popswine.com&latest 

Largely is due to the use of a very old W2K server as it has very weak cipher even though it is SSL - having the vulnerable version actually. I proposed that you upgrade your Win2K server as it is already end of life and there is no longer security patches for it. It is vulnerable to the internet threats and band aids may not really work if you are thinking to do a simpler change to application or certificate to the server.

Plan for change asap. Meanwhile, suggest you subscribe to Cloudflare or DosArrest cloud security provider which will have the web appl firewall to provide you that shield and buy you time to make the server changes and upgrades needed.
Bootstrap 4: Exploring New Features

Learn how to use and navigate the new features included in Bootstrap 4, the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first websites.

Top Expert 2016
Commented:
You have to replace your thwate certificates since they used Symantec as their root authority
https://www.digicert.com/replace-your-symantec-ssl-tls-certificates/
btanExec Consultant
Distinguished Expert 2018

Commented:
For author advice
btanExec Consultant
Distinguished Expert 2018

Commented:
No further inputs received

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial