Working on the following finding: ssl-static-key-ciphers and I’ve cleared them in IIS Crypto and rebooted / rescanned with InsightVM but they’re still showing. They’re not showing in the registry on the system. Has anyone else run into this?
Scott
We had to go in with a powershell script that removes the Cipher Suites explicitly, using the Disable-TLSCipherSuite cmdlet.
1 Like
When I run:
(Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002").Functions
It doesn’t show the ones I unchecked in IIS Crypto so I’m puzzled.
(post deleted by author)