Disable SSLv2 and SSLv3 protocols on Microsoft IIS and windows Server

Disable SSLv2 and SSLv3

Automatic method

Disable SSLv2

• Download the file disableSSLv2.reg.
• Save the file disableSSLv2.reg on your server.
• Doucle-click on disableSSLv2.reg
• SSLv2 protocol is now disabled.
• You can now check that the protocol has correctly been disable with our tool Copibot.

Disable SSLv3

• Download the file disableSSLv3.reg.
• Save the file disableSSLv3.reg on your server.
• Doucle-click on disableSSLv3.reg
• SSLv3 protocol is now disabled.
• You can now check that the protocol has correctly been disable with our tool Copibot.

Manual method

• Launch regedit from the Run tool of Windows available via the Run menu or the keyboard shortcut Win+r
  
  
• Access your key in the dropdown list at the left hand side of your screen (key) HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols. Then access the SSL 2.0 sub-key. If it doesn't exist you will have to create it with a right-click on the parent key, here Protocols. Keys and values are case-sensitive.
  
  
• Then select the Serversub-key (case-sensitive, create it if it does not exist). Right-click on the right side of the window and select the sub-menu New - DWORD (32 bit) Value.
  
  
  Name it Enabled (case-sensitive) and give it the value 00000000 (it is the default value).
  
  
• Repete the operation with the SSL 3.0 key (case-sensitive).
  
  
• Relaunch your server.
• You can now check that the protocols have correctly been disable with our tool Copibot.

External links

• Microsoft knowledge base: Please note, the French version also translate the register keys that could to handling errors. We advise to consult the English version of this page.
• IIS Crypto: Tool developed by Nartac that allows you to customize protocol and cipher support on Windows.