How to Fix SSL Certificate Vulnerabilities on a Windows Server
How to Fix SSL Certificate Vulnerabilities on a Windows Server is the most demanding requirement now a days because of many new things introduced in the market by Microsoft. IIS (Internet Information System) has introduced SNI (server name indication) in its 8.0 version to support multiple SSL website on single port with a host name. If you are planning to introduce a Microsoft based secure web application then you must need to fix the SSL vulnerabilities.
There are many website which can give you pretty good idea about your server certificate and you can choose the best possible options for you. Please follow the under given URL to test your SSL certificate.
This website will help you to check that your SSL certificate is issued from a trusted issuer along with the installation and configuration of the certificate on your server.
Now the main part of the SSL certificate is to ensure that you are using the best possible and available cipher suits along with hashes for your server protection. To test your SSL certificate for these things you need to visit the under given website:
After testing your SSL certificate and settings by using the above link you will get something like under given:Very first time there might be something like Grade C, B, or F for your website. There is nothing to worry about, you just need to search the internet and find the solutions of the problem identified by this website. Once you are done with the fixation you will surely get an A grade for your server security. please check the under given picture for more information.
Make sure you remove SSL3.0 from your server to protect it from hackers. I will share a complete list of fixes which are required to get an A grade on a windows server in next post under penetration section. Please get back soon!!!!
2 thoughts on “How to Fix SSL Certificate Vulnerabilities on a Windows Server”
I prefer using ssl labs tool for testing the ssl.
You must check the installation and configuration of your SSL certificate on your server too and for this you can visit http://sslshopper.com/