Skip to main content

Disable SSLV2 & Weak SSL Ciphers on IIS

Seems that there is a lot of confusion for people who manage windows/IIS servers and need to disable SSL 2 and older weaker encryption. There are are few nice articles, but can sometimes be confusing unless you really know your way around the Windows Registry. I hope I can simplify this for some people.

Important: There is no need to purchase a utility to do this. Save the money. Some companies charge you $20 or more per server to have a utility to easily click and enable/disable these services.Ok here is the help. For techies who want reference material, here is the good stuff:
The easy part: I have created a .reg file you can download and merge on your windows 2003 server that will disable ssl2 and weak ciphers. Important: This works for me, your mileage may vary. Always backup first. I won't help you if you break your server because you didn't do a backup first. You can test your server to see if you have SSL2 still enabled by going to here: Download: disable_weak_ciphers.reg (downloads as a text file, then rename it to have a .reg extension)

Download this file, rename it to have a .reg extension, right click on it and merge it into the registry. Then do a reboot and when the server comes back online, test again with the above link -- SSL2 should be disabled.

Tweak as you like, no warranty! no warranty! By using this you indemnify me from any liabilities!!!

If this helped you and saved you money, then let me know :) If you feel really compelled to spend money, then donate a few $'s to me by paypal at aschwabe (at) gmail (dot) com.


Popular posts from this blog

Installing python 3.4.x on OSX El Capitan

I love "brew" package manager, but sometimes being too progressive breaks things.  I have several python apps that I maintain that get deployed to AWS using Elastic Beanstalk.  AWS eb can deploy with python 2.7 or 3.4.  Any recent 'brew install python3" will get 3.5.1. #annoying

Making Macbook Air with 128GB SSD usable with Bootcamp

I recently got a new Macbook Air 11" (the 2012 version) and loaded it with goodies like 8GB ram and 2GHz Core i7.  What I DIDN'T upgrade was the internal SSD.  My config came with 128GB SSD and I refused to pay $300+ to upgrade it to 256GB.  Yeah I know, some call me cheap, but SSds cost $75-$150 for 240GB, so adding another 128GB for $300 seemed way too steep for me.  I figured "ok, I'm going to make 128G work!"

Here is the story of how that went...

Election day plus 1: Social Media Nightmare

It is election day plus 1, and a very emotional day with no way to win for many.

Social media was a force to be reckoned with this election year.  No matter what position you take, the world is ready to pounce on you and tell you why YOU are evil, intolerant or a deplorable -- and the reason for all their woes.  This isn't a new problem, though...  All of the liberal vs conservative issues are causing rifts between otherwise civil people, and it seems to be the worst on Facebook and twitter.

If I say I am for Hillary:
i am part of the "corrupt system."

If I say I am against Hillary:
I am stupid and uneducated

If I say I am for Trump:
I am against women,
I am religiously intolerant,
I am a bigot

If I say I am against Trump:
I am against the 2nd amendment,
I don't have any idea how government works,
I am part of the problem with American society,
I am against the police

Stay with me now, this isn't meant to make people angry, but it is mean to shine some light on a social …