AnsweredAssumed Answered

Win 2008 R2 and IIS 7.5 get closer to an "A" on SSL Server Test

Question asked by Brian Henson on Oct 19, 2015
Latest reply on Oct 20, 2015 by dissssss

Our web server (win 2008 R2 with IIS 7.5) had these issues on the SSL Server Test:

 

Downgrade attack prevention: No, TLS_FALLBACK_SCSV not supported

Uses common DH primes: Yes, Replace with custom DH parameters if possible

DH public server param (Ys) reuse: Yes

 

Are these things I should truly be concerned about, and if so what are some options I have to deal with them?

Outcomes