Skip to Content

How to Easily Disable Protocols on IIS Server

Estimated Reading Time: 1 Minutes

Step#

Task

Screenshot

1

 

Login to the webserver as an admin and go to: https://www.nartac.com/Products/IISCrypto

 

Run the tool on the webserver * – Nothing is installed

 

 

2

Deselect the protocols you want to disable. This tool creates the correct registry keys** and sets them appropriately. After selecting, schedule a restart. Settings are applied after restart

 

 

 

 

 

3

After the server restarts go to: https://www.cdn77.com/tls-test  to verify settings. In addition, open the website and verify it is still working.

 

 

 

Notes:

* The tool uses settings from the following Microsoft Document to make the changes: https://docs.microsoft.com/en-US/troubleshoot/windows-server/windows-security/restrict-cryptographic-algorithms-protocols-schannel

** To disable TLS 1.0 the following keys are created:

HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server

DisabledByDefault = REG_DWORD  Hex 1

Enabled = REG_DWORD  Hex 0

How to Easily Disable Protocols on IIS Server
  • COMMENT