{"id":2803,"date":"2014-02-11T08:24:22","date_gmt":"2014-02-11T00:24:22","guid":{"rendered":"http:\/\/rmohan.com\/?p=2803"},"modified":"2014-02-11T08:25:10","modified_gmt":"2014-02-11T00:25:10","slug":"iis-crypto","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=2803","title":{"rendered":"IIS Crypto"},"content":{"rendered":"<h1>IIS Crypto<\/h1>\n<p>IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2003, 2008 and 2012. It also lets you reorder SSL\/TLS cipher suites offered by IIS, implement best practices with a single click and test your website.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/rmohan.com\/wp-content\/uploads\/2014\/02\/Screenshot1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-2805\" alt=\"Screenshot1\" src=\"http:\/\/rmohan.com\/wp-content\/uploads\/2014\/02\/Screenshot1.png\" width=\"763\" height=\"624\" srcset=\"https:\/\/mohan.sg\/wp-content\/uploads\/2014\/02\/Screenshot1.png 763w, https:\/\/mohan.sg\/wp-content\/uploads\/2014\/02\/Screenshot1-300x245.png 300w, https:\/\/mohan.sg\/wp-content\/uploads\/2014\/02\/Screenshot1-150x122.png 150w, https:\/\/mohan.sg\/wp-content\/uploads\/2014\/02\/Screenshot1-400x327.png 400w\" sizes=\"(max-width: 763px) 100vw, 763px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<h2>Features<\/h2>\n<ul>\n<li>Single click to secure your site using best practices<\/li>\n<li>Easily disable SSL 2.0<\/li>\n<li>Enable TLS 1.1 and 1.2<\/li>\n<li>Disable other weak protocols and ciphers<\/li>\n<li>Reorder cipher suites<\/li>\n<li>Templates for compliance with government and industry regulations &#8211; FIPS 140-2 and PCI<\/li>\n<\/ul>\n<h2>What Does IIS Crypto Do?<\/h2>\n<p>IIS Crypto updates the registry following this\u00a0<a title=\"Registry Settings for Schannel\" href=\"http:\/\/support.microsoft.com\/default.aspx?scid=kb;EN-US;245030\" target=\"_blank\">article<\/a>\u00a0from Microsoft. We have tested IIS Crypto on Windows Server 2003, 2008, 2008 R2 and 2012 and 2012 R2.Note &#8211; Windows Server 2003 does not support the reordering of SSL cipher suites offered by IIS. However, you can still disable weak protocols and ciphers. Also, Windows Server 2003 does not come with the AES cipher suite. Microsoft has a\u00a0<a title=\"Hotfix - AES for Windows 2003\" href=\"http:\/\/support.microsoft.com\/kb\/948963\" target=\"_blank\">hotfix<\/a>\u00a0for this.<\/p>\n<h2>Downloads<\/h2>\n<p>IIS Crypto requires the .Net Framework version 2.0 or greater. If you are running Windows Server 2012, download the .Net 4.0 version.<\/p>\n<ul>\n<li><a title=\"Download IIS Crypto\" href=\"https:\/\/www.nartac.com\/Products\/IISCrypto\/IISCrypto.exe\">IIS Crypto GUI version 1.4 build 5<\/a>\u00a0(.Net 2.0, 76 KB)<\/li>\n<li><a title=\"Download IIS Crypto\" href=\"https:\/\/www.nartac.com\/Products\/IISCrypto\/IISCrypto40.exe\">IIS Crypto GUI version 1.4 build 5<\/a>\u00a0(.Net 4.0, 90 KB)<\/li>\n<li><a title=\"Download IIS Crypto Command Line\" href=\"https:\/\/www.nartac.com\/Products\/IISCrypto\/IISCryptoCli.exe\">IIS Crypto Command Line version 1.4 build 5<\/a>\u00a0(.Net 2.0, 61 KB)<\/li>\n<li><a title=\"Download IIS Crypto Command Line\" href=\"https:\/\/www.nartac.com\/Products\/IISCrypto\/IISCryptoCli40.exe\">IIS Crypto Command Line version 1.4 build 5<\/a>\u00a0(.Net 4.0, 75 KB)<\/li>\n<\/ul>\n<p>Version history can be found\u00a0<a title=\"Version History\" href=\"https:\/\/www.nartac.com\/Products\/IISCrypto\/Versions.aspx\">here.<\/a>Note &#8211; IIS Crypto requires administrator privileges. If you are running under a non-administrator account, the GUI version will prompt for elevated permissions. The command line version must be run from a command line that already has elevated permissions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>IIS Crypto <\/p>\n<p>IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2003, 2008 and 2012. It also lets you reorder SSL\/TLS cipher suites offered by IIS, implement best practices with a single click and test your website.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p> [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2803"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2803"}],"version-history":[{"count":2,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2803\/revisions"}],"predecessor-version":[{"id":2806,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2803\/revisions\/2806"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}