none
SSL Cipher Query - Windows Server 2012R2 RRS feed

  • Question

  • Hello, 

    I host a windows 2012 r2 server and looking for some help with respect to SSL ciphers.

    Below are 4 ciphers for which i have questions : 

    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS 128
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS 256
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256

    I have installed IIS crypto in the same server and do not see the above ciphers to be present/available for being enabled. 

    However, with a different sever (server 2016) that i have, checked this server and saw the above ciphers are available (checked in IIS crypto) to be enabled. 

    So the question is : 

    1) Is there any way or patch available for windows 2012r2 which can be installed so that we can have these ciphers available in the server to be enabled/disabled. 

    2) Are these ciphers weak/vulnerable? 

    N.B : Both the servers (2012r2 and 2016) do not have IIS installed.

    Please let me know if any further information is required from my end.

    Thanks 

    Himanshu


    Himanshu Bal

    Wednesday, October 16, 2019 8:45 AM

All replies

  • Himanshu Bal --

    You have erroneously posted your SQL Server question in a user forum dedicated to Microsoft Project Server, an enterprise project management application.  I would recommend you repost your question in a user forum dedicated to SQL Server questions.  Hope this helps.


    Dale A. Howard [MVP]

    Wednesday, October 16, 2019 3:59 PM
    Moderator