IIS Crypto 3.2 has been released. We have added a new feature to override the Protocols Enabled value. Normally the value is supposed to be set to 0xffffffff if a protocol is enabled. However, some software only supports using the value of 1 if enabled. There is a new checkbox on the Advanced tab to override the default value. See our FAQ article for more information. Download the new version here.
IIS Crypto 3.1 has been released! This version is a minor update to fix a couple of issues. We are working on a larger update that will include a bunch of new features. Download the latest here.
We are happy to announce that IIS Crypto 3.0 has been released! This version adds advanced settings, registry backup, new templates with a simplified format, Windows Server 2019 support and much more. The full change log can be found on the download page. We have also added a new support site and blog.
Thank-you to all of our beta testers and for everyone’s suggestions and support over the years. It is much appreciated!
A new SSL/TLS vulnerabilty was recently discovered dubbed “FREAK“. Originally it was thought that only OpenSSL was vulnerable, however, Microsoft just issued an advisory (3046015) describing the affected versions of Windows. The default configuration of Windows 2003 is vulnerable, however, Windows 2008 and above are not affected in the default configuration. The Best Practices template in IIS Crypto solves this by removing the affected cipher suites.