How to disable SSL v2 / enable SSL v3 on Windows 2008

SSL v2 is weak and outdated protocol. All modern browsers support SSL v3 and it's enabled by default on Windows 2008 (IIS 7 / IIS 7.5). To make sure all clients are using SSL v3 we must disable SSL v2. This is required for PCI compliance.

This is what needs to be done to disable SSL v2:

1. Start - Run
2. Type "regedit" and click OK
3. Locate the following key: HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0
4. Right click the "SSL 2.0" key and select Edit > Add key
5. Type "Server" and click Enter
6. Right click Server and select New > Add DWORD (32 bit) value
7. Type "Enabled" as the name and make sure the value is "0"
8. Restart the server

2 comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>