2

I need to ensure that servers have been properly configured to prevent the usage of SSL2/3 and TLS1.0/1.1 and ensure that only TLS1.2 is enabled.

In addition I need to ensure that certain ciphers are enabled/disabled to meet PCI/HIPAA requirements.

I've found plenty of one off scripts and applications. IISCrypto (nartac) and https://www.hass.de/files/nodes/story/58/setupiisforsslperfectforwardsecrecy_v3.0.0.ps1

What I really need is a DSC resource for cleanly enabling/disabling protocols and ciphers.

I cant seem to find any DSC-resources to perform the needed task.

Bozojoe
  • 637
  • 1
  • 6
  • 17

1 Answers1

0

A few months ago, I opened an issue on Github about this topic.

https://github.com/dsccommunity/xSystemSecurity/issues/27

If you want to speed up the Github request you can upvote it.
Or maybe somebody can help the project and write the code for it...

Luke
  • 439
  • 2
  • 6
  • 15