AnsweredAssumed Answered

Both SSLv3 and SSLv2 showing as disabled in scan report

Question asked by 3essentials on Apr 20, 2014
Latest reply on Apr 24, 2014 by 3essentials

Hopefully this question is in the correct place.

 

We have a customers Windows 2012 server which needed SSLv2 disabled, and TLS 1.1 and TLS 1.2 enabled.

 

We've followed the instructions here:
http://support.microsoft.com/kb/245030

 

and here:

http://support.microsoft.com/kb/187498

 

Now here is the strange thing in your test it shows both SSL v2 and v3 as disabled, but the site still scores a A-?

 

As far as I know windows handles authentication in the preferred order of PCT 1.0, SSLv3 and SSLv2. Since I can confirm we've knowingly disabled SSLv2 is it possible that your test is accepted by our server with the PCT 1.0 method and not testing SSL v3?

 

Any information you can provide would be helpful.

Outcomes