The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cipher Suite for Windows Server 2003 SP2

Discussion in 'Security' started by snowfrost, Aug 17, 2016.

Tags:
  1. snowfrost

    snowfrost Registered

    Joined:
    Aug 16, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    sing
    cPanel Access Level:
    Root Administrator
    Hi All,

    My application is using Windows Server2003 SP2 and we have enabled TLS1.0. Can I check how do I check the Cipher Suite that is enabled in the server ? I am not able to find the option "SSL Configuration Option" in the Group Policy Editor.

    Is the below the default list of ciphers for Server 2003?

    • TLS_RSA_WITH_RC4_128_MD5
    • TLS_RSA_WITH_RC4_128_SHA
    • TLS_RSA_WITH_3DES_EDE_CBC_SHA
    • TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
    • TLS_RSA_WITH_DES_CBC_SHA
    • TLS_DHE_DSS_WITH_DES_CBC_SHA
    • TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
    • TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
    • TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
    • TLS_RSA_EXPORT_WITH_RC4_40_MD5
    • TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
    • TLS_RSA_WITH_NULL_MD5
    • TLS_RSA_WITH_NULL_SHA


    Question: How do I add in the following Cipher into the Microsoft Server ?

    • TLS_RSA_WITH_AES_128_CBC_SHA
    • TLS_RSA_WITH_AES_256_CBC_SHA
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
    The Ciphers (RC4 128/128,RC 40/128, RC 56/128) are disabled and (AES 128/128, AES 256/256) are enabled in the server 's registry editor.

    Appreciate if anyone can help on this. Thank You.
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    For helping you in determining what ciphers are in use on your Windows server, as well as to help you set up for PCI compliance or best overall SSL security, I'd recommend checking out IISCrypto.

    I'm not sure if I can post links -- but I'd recommend this page (which will lead you to downloads that will work on Windows 2003). Great piece of software.

    nartac.com/Products/IISCrypto/Download

    Mike
     
    #2 mtindor, Aug 17, 2016
    Last edited by a moderator: Aug 17, 2016
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you verify if you are attempting to modify the cipher settings on the Windows server, or within Web Host Manager for the cPanel server? What specific services would you like to update the cipher settings on?

    Thank you.
     
Loading...

Share This Page