Cipher Suite for Windows Server 2003 SP2

[snowfrost]

Hi All,

My application is using Windows Server2003 SP2 and we have enabled TLS1.0. Can I check how do I check the Cipher Suite that is enabled in the server ? I am not able to find the option "SSL Configuration Option" in the Group Policy Editor.

Is the below the default list of ciphers for Server 2003?

• TLS_RSA_WITH_RC4_128_MD5
• TLS_RSA_WITH_RC4_128_SHA
• TLS_RSA_WITH_3DES_EDE_CBC_SHA
• TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
• TLS_RSA_WITH_DES_CBC_SHA
• TLS_DHE_DSS_WITH_DES_CBC_SHA
• TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
• TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
• TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
• TLS_RSA_EXPORT_WITH_RC4_40_MD5
• TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
• TLS_RSA_WITH_NULL_MD5
• TLS_RSA_WITH_NULL_SHA

Question: How do I add in the following Cipher into the Microsoft Server ?

• TLS_RSA_WITH_AES_128_CBC_SHA
• TLS_RSA_WITH_AES_256_CBC_SHA
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
• TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
• TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

The Ciphers (RC4 128/128,RC 40/128, RC 56/128) are disabled and (AES 128/128, AES 256/256) are enabled in the server 's registry editor.

Appreciate if anyone can help on this. Thank You.

 

[mtindor]

For helping you in determining what ciphers are in use on your Windows server, as well as to help you set up for PCI compliance or best overall SSL security, I'd recommend checking out IISCrypto.

I'm not sure if I can post links -- but I'd recommend this page (which will lead you to downloads that will work on Windows 2003). Great piece of software.

nartac.com/Products/IISCrypto/Download

Mike

 

[cPanelMichael]

Hello,

Could you verify if you are attempting to modify the cipher settings on the Windows server, or within Web Host Manager for the cPanel server? What specific services would you like to update the cipher settings on?

Thank you.