Share via


How to disable SSL 2.0 on Windows Server 2008 R2

Fix-it options available in KB 187498 are not applicable for 2008 R2 servers.

https://support.microsoft.com/kb/187498

 

To fix this issue follow the steps given below:

Set the follow registry value, and restart the server: 

Key: HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server

Value: DisabledByDefault

Type: REG_DWORD

Data: 0x1 

Client-side SSL 2.0 is already disabled by default on Windows 7 and Windows Server 2008 R2

Comments

  • Anonymous
    March 14, 2013
    Hi I did exactly  as you described on two servers and started to have "Schannel" sourced  error in syslogs: "An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed." Had to revert back

  • Anonymous
    March 14, 2013
    here is the correct approach www.sslshopper.com/article-how-to-disable-ssl-2.0-in-iis-7.html

  • Anonymous
    February 09, 2014
    doesn't works. openssl still can connect with -ssl2

  • Anonymous
    May 27, 2014
    This is wrong follow the link Orest posted which is correct