Cipher Suites for Windows Server 2008 R2

Zeeshan Afzal
Zeeshan Afzal used Ask the Experts™
on
I want to add below cipher suits in my Windows Server 2008 R2 SP1 Standard as required by our security team. As per my research (see below links) these cipher suits are not supported by Windows Server 2008 R2 and are only available in Windows Server 2016.  Can someone conform me this? Also please let me know if there is any possibility to use these ciphers.

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

https://docs.microsoft.com/en-us/windows/desktop/secauthn/cipher-suites-in-schannel

https://docs.microsoft.com/en-us/windows/desktop/secauthn/tls-cipher-suites-in-windows-10-v1607

https://docs.microsoft.com/en-us/windows/desktop/secauthn/tls-cipher-suites-in-windows-7
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018
Commented:
First 2, not at all. Next 2 appear like they're supported.

The last 4 appear to be within 2008R2, under the section of being supported by Schannel but not enabled by default. However, you'd also have to get ECDSA certificates for those to work.
Zeeshan AfzalSystem Engineer - Microsoft Technologies

Author

Commented:
Thanks for your response, how can I check if my existing certificate is ECDSA or not?
Distinguished Expert 2018

Commented:
Chances are they are not. I would recommend simply checking with your certificate vendor.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial