Disabling the SSLv2 or SSLv3

To disable SSLv2 and SSLv3 ensure the following settings are enabled in the registry. If the registry key is not present, then create the registry key manually:

  1. Ensure key DisabledByDefault is equal to 1 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server\DisabledByDefault.
  2. Ensure key Enabled is equal to 0 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server\Enabled.
  3. Ensure key DisabledByDefault is equal to 1 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server\DisabledByDefault.
  4. Ensure key Enabled is equal to 0 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server\Enabled.