AnsweredAssumed Answered

Forward Secrecy (FS) on Windows Server 2008 R2 / IIS 7.5

Question asked by sejong on Nov 5, 2013
Latest reply on Mar 30, 2015 by Fritz Frei

On a Windows Server 2008 R2 / IIS 7.5 installation, I have successfully enabled FS for all SSL clients except

Bing Oct 2013

Firefox 21

Java 6u45

OpenSSL 0.9.8y

 

The SSL Labs report Handshake simulation section shows "No FS" for these clients.  The Protocol Details section shows FS "with modern broswers"

 

It looks like I can't do any better than this because the cipher suites needed by these clients for FS are not enabled on Windows Server 2008 R2 / IIS 7.5. Can anyone confirm this, or alternatively suggest how to to better.

Outcomes