Posted by: syedgakbar | April 7, 2009

How to turn off Weak SSL Ciphers on IIS

With growing security concerns for websites, it's now recommended not to use weak ciphers, or ciphers that provide no encryption at all. Unfortunately, these weak ciphers are enabled by default in most IIS versions.

If you don't want to support SSL ciphers that offer either weak encryption or no encryption at all, you can easily turn them off by modifying the corresponding registry entries under the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\

Basically, to fix this security warning, you should disable SSLv2 and any SSL ciphers with less than 128-bit encryption.
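The change described above, as an added PowerShell example that is not part of the original post: it reports the current state of each weak cipher and of SSLv2, and only writes `Enabled = 0` when run with `-Apply`. The cipher subkey names and the `Protocols\SSL 2.0\Server` key are the ones Microsoft documents for SCHANNEL and are not listed on this page; the `-Apply` switch is a name chosen for this example.

```powershell
# Added example: audit (default) or disable SSLv2 and sub-128-bit SCHANNEL ciphers.
# Run from an elevated prompt, on a test machine first. Restart the server afterwards.
param([switch]$Apply)   # -Apply is a parameter name chosen for this example

$schannel = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

# Subkey names as documented by Microsoft for SCHANNEL (assumption: not from this page).
$targets = @(
    'Ciphers\NULL',
    'Ciphers\DES 56/56',
    'Ciphers\RC2 40/128',
    'Ciphers\RC2 56/128',
    'Ciphers\RC4 40/128',
    'Ciphers\RC4 56/128',
    'Ciphers\RC4 64/128',
    'Protocols\SSL 2.0\Server'
)

$hklm = [Microsoft.Win32.Registry]::LocalMachine

foreach ($t in $targets) {
    $path = "$schannel\$t"

    # Read the current setting without modifying anything.
    $key = $hklm.OpenSubKey($path, $false)
    $current = $null
    if ($key) {
        $current = $key.GetValue('Enabled', $null)
        $key.Close()
    }

    if ($null -eq $current) { $state = 'not set (OS default applies)' }
    elseif ($current -eq 0) { $state = 'disabled' }
    else                    { $state = 'enabled' }

    if ($Apply -and $current -ne 0) {
        # Use the .NET registry API instead of New-Item: the PowerShell registry
        # provider treats the '/' in names such as 'RC4 40/128' as a path
        # separator and would create the wrong key.
        $w = $hklm.CreateSubKey($path)
        $w.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
        $w.Close()
        $state = "$state -> disabled"
    }

    [pscustomobject]@{ Key = $t; State = $state }
}
```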

The following link discusses the steps you need to perform:
http://blog.techstacks.com/2008/10/iis-disabling-sslv2-and-weak-ciphers.html

If you want more info or details, please check the following link:
http://support.microsoft.com/kb/187498

As it's a risky task, I recommend that you first try it on a test machine.

Good luck and be careful when editing registry entries.


Responses

  1. Thanks a lot for the link. A lot of folks have been referred to my little site since your post was published. Thanks again!

