How to disable SSL v2/v3 and other weak ciphers on IIS (v2)

Modified on Sun, 17 Jul 2016 at 09:12 PM

Symptom:

When scanning a SFE or PVWA website using an SSL checker, you receive a low score

Cause:

This is caused by IIS supporting protocols with known hacks and or weak ciphers


Solution:
In order to solve the problem, in an easier way, please download the tool IISCrypto from the following link:
https://www.nartac.com/Products/IISCrypto

Run the software and set the configuration parameters according to the following picture:


After pressing apply, restart the server and re-scan the server to receive the new scoring.

More information can be found in the following link:
https://scotthelme.co.uk/getting-an-a-on-the-qualys-ssl-test-windows-edition/

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article