Secure, your secure site.

Recently i received a message, stating that my secure site wasn’t so secure. At first i thought, that maybe my certificate had expired, fortunatly that wasn’t the case.

The problem was, that running a webserver on an old Windows Server 2008 std edition, older protocols are used to serve HTTPS

Among them is PCT 1.0, SSLv2 and v3 and older TLS versions. what does this mean and why aren’t they secure.
Well as of july 2018, Google among others started to tighten security on the web, by disallowing older protocols and less secure ciphers to be used, marking sites secured by those older technoliges as unsafe.This is a good thing except for them running these old servers, including me as this involves additional work.

Thankfully Alexander Hass has developed a powershell script that can tighten up this security, so that you don’t have to sit and make all those registry changes by hand.

Here is a link to v1.2 of the script – haas.de

One word of advise though, make sure that in-case you are using some older client side applications the relys on the protocols you are about to disable, that you have an updated version ready.

Also note that in-case you are running an old version of Microsoft Remote Desktop, you won’t be able to connect to the server after running the script. A simple update of the RDP client however will solve that.

Here is a link to a compatible version of RDP – Microsoft.com

You can verity your own site, using the tools provided by ssllabs – ssllabs.com

 

Leave a Reply

© 2019: Noervig's notes | Easy Theme by: D5 Creation | Powered by: WordPress