Follow the steps
Following step will help you in disabling Diffie-Hellman Key Exchange in IIS on Windows Server
- Open Windows Registry (Press Windows logo key + R, then enter "regedit" in box and press Enter Key"
- Locate key: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SChannel\KeyExchangeAlgorithms
- Add following keys in KeyExchangeAlgorithms (as shown in image above)
Diffie-Hellman - Add following two values in every client and server key
Value Name: Enabled
Value Type: DWORD (32-bit value)
Value Data: 0
Save the time
To save the time in this whole activity I created one registry file. Simply download following gist, save it as tls.reg and import in your Windows registry. It will create all the necessary keys and values in your registry
EOF
No comments:
Post a Comment