Mindeasy Technology Know how » SSL http://mindeasy.com Just another WordPress weblog Wed, 21 Jul 2010 23:12:24 +0000 en hourly 1 http://wordpress.org/?v=6673 Disable SSL 2.0 in IIS http://mindeasy.com/2010/06/disable-ssl-2-0-in-iis/ http://mindeasy.com/2010/06/disable-ssl-2-0-in-iis/#comments Fri, 25 Jun 2010 23:34:48 +0000 admin http://mindeasy.com/?p=13 Why do you want to Disable SSL 2.0 on your web server.  Well the reason is all new SSL certificates now come as SSL 3.0 and the second reason SSL 2.0 is insecure.  It is susceptible to man in the middle attacks.  All Certificates  now only Use SSL 3.0, Now if your site still uses a certificate with SSL 2.0 get a new one.  Alsoif you have a system that scan your site like Macafee Hackersafe or Security Metrics, it will detect that you have SSL 2.0 and it will actually make you PCI in-compliant.  Below are the steps on how to disable SSL 2.0 on a Windows 2003 server with IIS 6.0 installed.

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK
  2. In Registry Editor, locate the following registry key:HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server
  3. On the Edit menu, click Add Value.
  4. In the Data Type list, click DWORD
  5. In the Value Name box, type Enabled, and then click OK
  6. Click OK. Restart the computer

These Instructions work with both IIS 6.0 and IIS 7.0

]]> http://mindeasy.com/2010/06/disable-ssl-2-0-in-iis/feed/ 0