Cipher Suite for Windows Server 2003 SP2

snowfrost

Registered
Aug 16, 2016
1
0
1
sing
cPanel Access Level
Root Administrator
Hi All,

My application is using Windows Server2003 SP2 and we have enabled TLS1.0. Can I check how do I check the Cipher Suite that is enabled in the server ? I am not able to find the option "SSL Configuration Option" in the Group Policy Editor.

Is the below the default list of ciphers for Server 2003?

  • TLS_RSA_WITH_RC4_128_MD5
  • TLS_RSA_WITH_RC4_128_SHA
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_DES_CBC_SHA
  • TLS_DHE_DSS_WITH_DES_CBC_SHA
  • TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
  • TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
  • TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
  • TLS_RSA_EXPORT_WITH_RC4_40_MD5
  • TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
  • TLS_RSA_WITH_NULL_MD5
  • TLS_RSA_WITH_NULL_SHA


Question: How do I add in the following Cipher into the Microsoft Server ?

  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
The Ciphers (RC4 128/128,RC 40/128, RC 56/128) are disabled and (AES 128/128, AES 256/256) are enabled in the server 's registry editor.

Appreciate if anyone can help on this. Thank You.
 

mtindor

Well-Known Member
Sep 14, 2004
1,431
92
178
inside a catfish
cPanel Access Level
Root Administrator
For helping you in determining what ciphers are in use on your Windows server, as well as to help you set up for PCI compliance or best overall SSL security, I'd recommend checking out IISCrypto.

I'm not sure if I can post links -- but I'd recommend this page (which will lead you to downloads that will work on Windows 2003). Great piece of software.

nartac.com/Products/IISCrypto/Download

Mike
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,243
463
Hello,

Could you verify if you are attempting to modify the cipher settings on the Windows server, or within Web Host Manager for the cPanel server? What specific services would you like to update the cipher settings on?

Thank you.