Skip to content

Instantly share code, notes, and snippets.

@arebee

arebee/disable-ssl30-windows.cmd

Last active August 29, 2015 14:07
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save arebee/79139b26d6a8135752c3 to your computer and use it in GitHub Desktop.
Save arebee/79139b26d6a8135752c3 to your computer and use it in GitHub Desktop.
Download ZIP
Disable SSL 3.0 on the Server for IIS etc,
Raw
disable-ssl30-windows.cmd
@REM Disable server side
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server" /VE
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server" /V Enabled /T REG_DWORD /D 0
@REM To force disable client side, overkill. Use client config (i.e. IE Internet Options etc.)
@REM REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Client" /VE
@REM REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Client" /V DisabledByDefault /T REG_DWORD /d 1
@arebee
Copy link
Author

arebee commented Oct 16, 2014

Run from an elevated command prompt. Thanks to @ericlaw on Twitter for the suggestion to rem out the client side and rely on settings in apps.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment