none
how to modify IE -> internet options -> advanced -> security settings using script. RRS feed

  • Question

  • Hi all,

    In my automation.. i Need to Enable "Use SSL 2.0" option available under Internet Options -> advanced -> Security.

     I was trying to changes the registry setting for Internet Explore. under "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings" 

    but here i could not see any settings for the SSL versions.   can some help me where can i find registry settings for the above option.

    or is there any other way i can enable / disable the above setting. Need help on this. 

    Tuesday, September 25, 2012 10:55 AM

Answers

All replies

  • It's in

    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols and You have to find the right value to make it enabled

    e.g. for me it is 168

    Tuesday, September 25, 2012 11:21 AM
  • Hi all,

    In my automation.. i Need to Enable "Use SSL 2.0" option available under Internet Options -> advanced -> Security.

     I was trying to changes the registry setting for Internet Explore. under "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings" 

    but here i could not see any settings for the SSL versions.   can some help me where can i find registry settings for the above option.

    or is there any other way i can enable / disable the above setting. Need help on this. 

    SSL 3.0 is selected by default.  This includes SSL 2.0 support. Yu do not need to enable SSL 2.0 as it is not as secure.

    All settings for IE can be set in Group Policy.


    ¯\_(ツ)_/¯

    Tuesday, September 25, 2012 11:21 AM
  • Thanks for the reply , but i could not find any SecureProtocols under "Software\Microsoft\Windows\CurrentVersion\Internet Settings"

    here is the list of values which i have under the above folder 

    5.0
    Accepted Documents
    ActiveX Cache
    AllowedBehaviors
    AllowedDragImageExts
    AllowedDragProtocols
    ApprovedActiveXInstallSites
    Cache
    Connections
    Http Filters
    Last Update
    Lockdown_Zones
    NoFileLifetimeExtension
    P3P
    Passport
    Secure Mime Handlers
    SO
    SOIEAK
    TemplatePolicies
    Unattend
    Url History
    User Agent
    WinHttp
    ZoneMap
    Zones

    i am using win7 64 bit + IE 9

    Tuesday, September 25, 2012 11:33 AM
  • Thanks jrv for the reply , yes i agree that SSL 3.0 is by default enabled. for testing i need to select different version of SSL / TLS and check against the different sets of ciphers. so i need to disable and enable some options under IE.

    Thanks

    tanuj 

    Tuesday, September 25, 2012 11:38 AM
  • Under internet Settings key there is SecureProtocols key and its value determines which security is enabled (tls, ssl2, ssl3)

    http://www.tech-archive.net/Archive/WinXP/microsoft.public.windowsxp.setup_deployment/2005-08/msg00618.html

    • Marked as answer by mtanuj Tuesday, September 25, 2012 11:44 AM
    Tuesday, September 25, 2012 11:39 AM
  • This is not a scripting issue.  You need to post in the IE forum or in the GP forum for guidance.

    As stated eaaslier you do not wnat to change that stting. It is uncheck by default and does not exist fo rIE7 and later as a setting.  It persistes on systems that have been upgraded from IE6.

    Read the following Microsoft KB:

    Symptom Cause

    An error page appears when viewing a site configured to use only the SSL 2.0 protocol.

    Windows Internet Explorer 8 automatically disables the SSL 2.0 protocol. Due to known security issues with the SSL 2.0 protocol, it has been replaced by the SSL 3.0 and TLS 1.0 protocols.

    An error page appears when viewing an HTTPS site configured to use weaker ciphers (such as 40-bit and 56-bit encryption) on the Windows Vista® operating system.

    Windows Vista disabled the weaker encryption ciphers, only allowing only the use of stronger ciphers.

    An error page appears when navigating to an HTTPS site with an erroneous security certificate.

    Internet Explorer 8 automatically blocks navigation to any HTTPS site with invalid or erroneous security certificates.

    An Information Bar appears when viewing a page that mixes HTTPS and HTTP content.

    Internet Explorer 8 automatically blocks HTTP content from appearing in HTTPS pages.

    An error appears when navigating to an HTTPS site with a revoked security certificate on Windows Vista.

    For more detail

    http://technet.microsoft.com/en-us/library/cc905752.aspx

    Windows Vista automatically performs a check for revoked security certificates on HTTPS sites.


    ¯\_(ツ)_/¯

    Tuesday, September 25, 2012 11:51 AM
  • Under internet Settings key there is SecureProtocols key and its value determines which security is enabled (tls, ssl2, ssl3)

    http://www.tech-archive.net/Archive/WinXP/microsoft.public.windowsxp.setup_deployment/2005-08/msg00618.html

    Please read the post and lins I just posted.

    YOU DO NOT WANT TO ENABLE THIS PROTOCOL.  IT IS DSABLED ON PURPOSE AND IS NOT NEEDED FOR ANY LEGITIMATE WEB PAGE. 

    The challenge for SSL 2.0 is becuse the web site is using malware to spoof you into dropping your settings.  Once you connect with SSL2 you will likely be attacked and not know it.


    ¯\_(ツ)_/¯

    Tuesday, September 25, 2012 11:54 AM