IIS7 – post #69 – Remember to disable SSL 2.0

I’m not certain why SSL 2.0 isn’t disabled on Windows Server 2008 by default, but here is the KB article to remember to do that on your system.


http://support.microsoft.com/kb/187498


How to test if you accept SSL 2.0 using IE is go to Internet options > Advanced > Under Security.  Toggle the various levels.  Uncheck everything and leave 2.0 checked, which I think in IE8 is turned off by default.  It took me a couple tries to understand the concept after disabling SSL 2.0 on my IIS 7 server.  This is one necessary item for PCI compliance among many others. 🙂


 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s