[Ach] FYI: Setup your IIS for SSL Perfect Forward Secrecy and TLS 1.2

Aaron Zauner azet at azet.org
Sun Feb 1 01:12:12 CET 2015

Pepi Zawodsky wrote:
> Just got this guide handed by Hetti for setting up IIS.
> https://www.hass.de/content/setup-your-iis-ssl-perfect-forward-secrecy-and-tls-12
> Doesn't look too bad when used with our cipher strings.

How does that work exactly? Any changes/patches to this script that
you'd mind sharing?

This PowerShell Script still uses CBC mode all over the place, and I
don't think that you can use re-use the OpenSSL cipherstring :)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20150201/2cc5c055/attachment.sig>

More information about the Ach mailing list