AnsweredAssumed Answered

Best practices Cipher list for IIS?

Question asked by Whex on Sep 13, 2013
Latest reply on Oct 22, 2013 by Paul Tobias

Is there a order of ciphers that is a known "best" configuration for IIS 7.5 or IIS 8?

 

Currently, I'm running the following, which gets me 100/95/90/90 (if I enable HSTS) on IIS 7.5, with Forward Secrecy on 13/20 clients.

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_RC4_128_SHA

 

 

Does anyone else know of a better config?

 

Thanks,

Whex

Outcomes