AnsweredAssumed Answered

Windows 2016 SSL Labs test - cipher issue

Question asked by Jamie Fullerton on Nov 13, 2017
Latest reply on Nov 15, 2017 by Busby

Hi, recently tested our Windows 2016 server against SSLLABS and I keep getting dinged for these two ciphers being available:

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)   WEAK112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16)   DH 2048 bits   FS   WEAK

I've used IIS Crypto to disable Triple DES 168 and went into group policy editor to remove them from the order of ciphers to use.  In fact the second one wasn't even in the list.

 

Not sure what I'm missing or failing to do now and am a bit confused on how to proceed. Any guidance would be appreciated. Thanks!

Outcomes