请稍候...
  • 通配符证书Wildcard SSL,部署全网HTTPS必备
  • 为什么使用企业型SSL证书?
  • 增强型证书EV SSL,完美支持地址栏显示中文企业名称
  • HTTPS今天你用了吗?
  • 多域名SANS/UCC SSL证书,全面支持Exchange Server 2..
  • 选择SSL证书产品遇到问题?

如何让Windows Server 2008 R2 IIS 7.5 支持TLS 1.1, TLS 1.2

点击数:112812016-04-23 21:22:09 来源: tecadmin

Now a days there are a SSL vulnerability called POODLE discovered by Google team in SSLv3 protocol. So uses of SSLv3 is not secure to use. Now its recommended to use TLS 1.1 or TLS 1.2. This article will help you enable TLS security in Windows Server 2008 R2 or later versions by editing registry.

Step 1: Backup Registry Values

We strongly recommend to take a backup of registry before making any changes. Use below link to find steps to how to export registry values.

http://windows.microsoft.com/en-in/windows/back-up-registry

Step 2: Enable TLS 1.1 and TLS 1.2

2.1 Open registry on your server by running ‘regedit‘ in run window and navigate to below location.

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocols

2.2 Add the TLS 1.1 and TLS 1.2 keys under Protocols. It will looks like directories.

How to Enable TLS 1.1, TLS 1.2 on Windows Server 2008 R2 and IIS 7.5

2.3 Now create two keys Client and Server under both TLS keys.

2.4 Now create the DWORD Values under Server and Client key as following

  DisabledByDefault [Value = 0]
  Enabled [Value = 1]

How to Enable TLS 1.1, TLS 1.2 on Windows Server 2008 R2 and IIS 7.5

Step 3: Disable SSLv3 and Older Version

3.1 Open registry on your server by running ‘regedit’ in run window and navigate to below location.

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocols

3.2 Now change DWORD Values under Server and Client under SSLv3 and Older SSL version keys.

  DisabledByDefault [Value = 0]
  Enabled  [Value = 0]

After making all above setting reboot your server.

上一页1下一页