0

We tested the application for PCI Compliance and ended up with an error stating that 

                **SSL Medium Strength Cipher Suites Supported**

And the solution for this is given as 

Reconfigure the affected application if possible to avoid use of medium strength ciphers

Can anyone help me how to implement in windows server 2003 using IIS 6.0

Alex K.
  • 171,639
  • 30
  • 264
  • 288
Pranesh Nair
  • 313
  • 4
  • 11
  • 27

1 Answers1

3

Go to the following location from registry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\

You will see a list of cipher key size.

Add a new DWORD key name 'Enabled' with value '0' to the cipher key with the size less than '128'.

Hope this help.

Myo Zaw.

Myo Zaw
  • 31
  • 3