SSL 2.0

Enables or disables the use of SSL 2.0. By default for Windows clients, SSL 2.0 is disabled.

Note that SSL 2.0 is insecure and must not be used.

Changing this setting will require a restart of the computer before the setting will take effect.

Supported on: At least Windows 2000

Enable Client-side SSL 2.0 (eg., Internet Explorer)
Enable policy:
Registry PathValue NameValue TypeValue
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ClientEnabledREG_DWORD1
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ClientDisabledByDefaultREG_DWORD0
Disable policy:
Registry PathValue NameValue TypeValue
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ClientEnabledREG_DWORD0
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ClientDisabledByDefaultREG_DWORD1
Enable Server-side SSL 2.0 (eg., IIS)
Enable policy:
Registry PathValue NameValue TypeValue
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ServerEnabledREG_DWORD1
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ServerDisabledByDefaultREG_DWORD0
Disable policy:
Registry PathValue NameValue TypeValue
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ServerEnabledREG_DWORD0
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\ServerDisabledByDefaultREG_DWORD1

schannel.admx