Disable SSLv2 and SSLv3 protocols on Microsoft IIS and windows Server
Disable SSLv2 and SSLv3
Automatic method
Disable SSLv2
- Download the file disableSSLv2.reg.
- Save the file disableSSLv2.reg on your server.
- Doucle-click on disableSSLv2.reg
- SSLv2 protocol is now disabled.
- You can now check that the protocol has correctly been disable with our tool Copibot.
Disable SSLv3
- Download the file disableSSLv3.reg.
- Save the file disableSSLv3.reg on your server.
- Doucle-click on disableSSLv3.reg
- SSLv3 protocol is now disabled.
- You can now check that the protocol has correctly been disable with our tool Copibot.
Manual method
- Launch regedit from the Run tool of Windows available via the Run menu or the keyboard shortcut Win+r
- Access your key in the dropdown list at the left hand side of your screen
(key) HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders
\SCHANNEL\Protocols. Then access the SSL 2.0 sub-key. If it doesn't exist you will have to create it with a right-click on the parent key, here Protocols. Keys and values are case-sensitive.
- Then select the Serversub-key (case-sensitive, create it if it does not exist). Right-click on the right side of the window and select the sub-menu New - DWORD (32 bit) Value.
Name it Enabled (case-sensitive) and give it the value 00000000 (it is the default value).
- Repete the operation with the SSL 3.0 key (case-sensitive).
- Relaunch your server.
- You can now check that the protocols have correctly been disable with our tool Copibot.
External links
- Microsoft knowledge base: Please note, the French version also translate the register keys that could to handling errors. We advise to consult the English version of this page.
- IIS Crypto: Tool developed by Nartac that allows you to customize protocol and cipher support on Windows.
Last edited on 02/19/2018 16:02:10 --- [search]