Table of contents
  1. 1. The Simple Way
  2. 2. The Hard Way

The Simple Way

  1. Open a text editor, such as Notepad.
  2. Copy and paste the following text into your text editor.
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"DisabledByDefault"=dword:00000001
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000
  1. Save the file as disable-ssl3.reg.
  2. Log in to your server with administrator privileges.
  3. Copy the file to your server.
  4. Double-click the .reg file.
  5. Reboot your server.

The Hard Way

  1. Open the Registry Editor as an administrator. For example, in Windows 2012:

    1. Type regedit.exe in the Start menu search box

    2. Right-click on regedit.exe and click Run as administrator

  2. In the Registry Editor window, go to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\

  3. In the navigation tree, right-click Protocols and select New > Key
  4. Name the key SSL 3.0
  5. In the navigation tree, right-click on the new SSL 3.0 key that you just created and select New > Key
  6. Name the key Client
  7. In the navigation tree, right-click on the SSL 3.0 key again and select New > Key
  8. Name the key Server
  9. In the navigation tree under SSL 3.0, right-click on Client  and select New > DWORD (32-bit) Value
  10. Name the value DisabledByDefault
  11. In the navigation tree under SSL 3.0, select Client and double-click DisabledByDefault DWORD value in the right pane
  12. In the Edit DWORD (32-bit) Value window, set the Value Data field to 1 and click OK
  13. In the navigation tree under SSL 3.0, right-click on Server and select New > DWORD (32-bit) Value
  14. Name the value Enabled
  15. In the navigation tree under SSL 3.0, select Server and double-click the Enabled DWORD value in the right pane
  16. In the Edit DWORD (32-bit) Value window, set the Value Data field to 0 and click OK
  17. Restart your Windows server

 

Taken from: https://www.digicert.com/ssl-support/iis-disabling-ssl-v3.htm

Tag page
You must login to post a comment.