Search
Categories
Archives
Links:

PostHeaderIcon Disable SSL 2.0 in IIS

June 25th, 2010 | Author: admin

Why do you want to Disable SSL 2.0 on your web server.  Well the reason is all new SSL certificates now come as SSL 3.0 and the second reason SSL 2.0 is insecure.  It is susceptible to man in the middle attacks.  All Certificates  now only Use SSL 3.0, Now if your site still uses a certificate with SSL 2.0 get a new one.  Alsoif you have a system that scan your site like Macafee Hackersafe or Security Metrics, it will detect that you have SSL 2.0 and it will actually make you PCI in-compliant.  Below are the steps on how to disable SSL 2.0 on a Windows 2003 server with IIS 6.0 installed.

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK
  2. In Registry Editor, locate the following registry key:HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server
  3. On the Edit menu, click Add Value.
  4. In the Data Type list, click DWORD
  5. In the Value Name box, type Enabled, and then click OK
  6. Click OK. Restart the computer

These Instructions work with both IIS 6.0 and IIS 7.0

Posted in Security | Tags: ,

Leave a Reply

Log in
Copyright © 2010 Mindeasy Technology Know how. All Rights Reserved.

Wordpress Theme Designs at newspaper wordpress templates and free theme provided by glasgow airport parking | Powered By Wordpress.org