IIS Crypto 3.2 Released

IIS Crypto 3.2 has been released. We have added a new feature to override the Protocols Enabled value. Normally the value is supposed to be set to 0xffffffff if a protocol is enabled. However, some software only supports using the value of 1 if enabled. There is a new checkbox on the Advanced tab to override the default value. See our FAQ article for more information. Download the new version here.

IIS Crypto 3.0 Released!

We are happy to announce that IIS Crypto 3.0 has been released! This version adds advanced settings, registry backup, new templates with a simplified format, Windows Server 2019 support and much more. The full change log can be found on the download page. We have also added a new support site and blog.

Thank-you to all of our beta testers and for everyone’s suggestions and support over the years. It is much appreciated!

Cipher Suites Renamed in Windows Server 2016

After testing IIS Crypto 2.0 we ran into an issue with soon to be released Windows Server 2016. All of the Qualys SSL scans were not recognizing the order of the cipher suites configured by IIS Crypto. It turns out that Microsoft quietly renamed most of their cipher suites dropping the curve (_P521, _P384, _P256) from them. This reduced most suites from three down to one. However, this threw us a bit of a curve ball as now IIS Crypto’s configuration and all of the templates needed to support OS version checking. We added this in one of the beta versions, retested and sure enough the scans were now showing the correct cipher suite order.