How can I see what version of SSL a web server is currently using?

web-server ssl encryption windows-server-2003

I believe I have disabled SSL 2.0 on my web server (Windows Server 2003). To make sure that it is now using SSL 3.0, how can I check this?

What is the correct way to disable 2.0 and enable 3.0 on a web server?


Solution 1:

IIS will negotiate the SSL version to be used with the client and so should select the highest version that will work with that client. By disabling SSL v2 your are saying that any clients that cannot use V3 will not be able to make an SSL connection, is this what you want?

As far as checking that it is using V3, if you have access to a linux machine (or cygwin on Windows) with openssl installed, you can run this command:

openssl s_client -connect server.com:443 -ssl3

If you can connect, then it is working. Substitute ssl3 for ssl2 if you want to check SSL2.

Solution 2:

Here is the official Microsoft documentation on how to disable a specific SSL protocol.

The openssl test is definitely the easiest. There are binary distributions of openssl available for Windows.

Related

What is the OSI model and how does it apply to todays networks?
Hardware vs Software load balancers: Just a cost issue?
Nginx disable .htaccess and hidden files but allow .well-known directory
Elastic file system (EFS) mount outside of AWS
What is a Reverse Proxy?
Is there a paging version of `watch`?
Is PostgreSQL suited to one OS? Is it better on Linux than Windows?
Logging in as the same user multiple times in Remote Desktop Windows Server 2008
Why might Apache ignore a virtual host with a ServerName matching the requested URL?
Hidden Features of PowerShell
Distributed, Parallel, Fault-tolerant File System
How to set up a fallback error page in nginx?