SSL 3.0
Enables or disables the use of SSL 3.0.
SSL 3.0 is insecure when used with HTTP and weak when used with other protocols. It is also obsolete. TLS 1.1 or better should be used instead, if possible.
Changing this setting will require a restart of the computer before the setting will take effect.
Supported on: At least Windows 2000
Enable Client-side SSL 3.0 (eg., Internet Explorer)Enable policy:
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client | Enabled | REG_DWORD | 1 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client | DisabledByDefault | REG_DWORD | 0 |
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client | Enabled | REG_DWORD | 0 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client | DisabledByDefault | REG_DWORD | 1 |
Enable Server-side SSL 3.0 (eg., IIS)Enable policy:
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server | Enabled | REG_DWORD | 1 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server | DisabledByDefault | REG_DWORD | 0 |
| Registry Path | Value Name | Value Type | Value |
|---|---|---|---|
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server | Enabled | REG_DWORD | 0 |
| SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server | DisabledByDefault | REG_DWORD | 1 |
schannel.admx
- Network
- SChannel Configuration Settings
- Cipher Suites
- Hashes
- Key Exchange Algorithms
- Protocols
- SChannel Logging
- SSL Configuration Settings
- Ciphers
- Hashes
- Key Exchanges
- Protocols
- SChannel Configuration Settings