I'm trying to fix my Cipher suite validation on:
SSL Server Test (Powered by Qualys SSL Labs)
the validation says that the following ciphers ar weak:
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK
so I disabled the with IISCrypto, Still have to investigate how this works in regedit.
but when I disable those cipher suites. and only those, my grade changes from an A+ to a B
because: "This server does not support Authenticated encryption (AEAD) cipher suites. Grade capped to B."
however I never touched AEAD, what am I doing wrong?