Articles in Root

How to disable SSL 3.0


Messages encrypted with LOW encryption ciphers are easy to decrypt.  If you have an SSL certificate installed for commercial means, your server should only support MEDIUM or HIGH strength ciphers.  This will guarantee the security of any transactions from the browser to your server.

Does selecting, "Require 128-bit encryption" in the Secure Communications window fix this?

Even though selecting the check box in Secure Communications window to "Require 128-bit encryption," ensure that 128-bit keys are used for encryption, it does not enforce strong SSL/TLS ciphers.  This is because the setting to "Require 128-bit encryption" enables all 128-bit algorithms, including RC2, RC4 and suites that use MD5 for integrity.  As these algorithms will not provide full security, you will need to disable them separately.

Click on Start and then Run.

In the Open: field, type in regedit.  This will bring the Windows Registry (Regedt32.exe).

Once the Windows Registry Editor is open, navigate through the left hand pane to find HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols.