Tag: tls

February 12, 2016

IIS 8 with ECC certificates – increasing your SSL Security on Windows Server 2012

Blog, Computers, Servers

What is an ECC Certificate and why would you need one? The main difference with an Elliptic Curve Cryptography (ECC) certificate is with how the certificate is signed, in this case the Elliptic Curve Digital Signature Algorithm (ECDSA) is used vs the standard RSA we are used to seeing. Once you have a certificate signed…

Written by

robwillisinfo
October 21, 2015

Hardening SSL & TLS connections on Windows Server 2008 R2 & 2012 R2

Blog, Computers, Servers

Hardening your SSL/TLS connections is a pretty common thing to do on any Windows Server running IIS and web applications that utilize HTTPS, especially if they require some sort of compliance. It is generally a good idea to do this on all of your servers though, to ensure your secure connections really are secure. On…

Written by

robwillisinfo
August 16, 2015

Disabling TLS 1.0 with MS SQL 2012/2014 – Services won’t start & SSMS fails to connect

Servers

Update – 2.1.2016 – I would really only use this as a last resort and I highly recommend testing this solution prior to putting it into production. At this time it does not appear that all of SQL’s features fully support disabling TLS 1.0 and you may run into issues with things like Reporting Services(SSRS).…

Written by

robwillisinfo
May 2, 2015

Fix the obsolete cryptography warning in Chrome on IIS 7 & 8

Blog, Computers, Servers

Update – 2.2.2016 – The ciphers originally listed in this post no longer work to fix the obsolete cryptography warning as Google has upped the requirement from DHE with AES_128_GCM to ECDHE with AES_128_GCM or CHACHA20_POLY1305. The only ciphers we have on Windows that are close to this requirement are all ECDHE-ECDSA which will require…

Written by

robwillisinfo
September 20, 2013

IIS 7/7.5 Hardening SSL TLS – Windows Server 2008 R2

Servers, Tools

One of the first steps you should do when deploying a new public facing web server is hardening your server’s SSL/TLS connections. Disabling vulnerable protocols, ciphers, hashes and key exchange algorithms can help mitigate the now more common exploits like the BEAST attack. By default many weaker technologies are enabled, leaving IIS traffic vulnerable and…

Written by

robwillisinfo

Tag: tls

IIS 8 with ECC certificates – increasing your SSL Security on Windows Server 2012

Hardening SSL & TLS connections on Windows Server 2008 R2 & 2012 R2

Disabling TLS 1.0 with MS SQL 2012/2014 – Services won’t start & SSMS fails to connect

Fix the obsolete cryptography warning in Chrome on IIS 7 & 8

IIS 7/7.5 Hardening SSL TLS – Windows Server 2008 R2