Hello,
I host a windows 2012 r2 server and looking for some help with respect to SSL ciphers.
Below are 4 ciphers for which i have questions :
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS 256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256
I have installed IIS crypto in the same server and do not see the above ciphers to be present/available for being enabled.
However, with a different sever (server 2016) that i have, checked this server and saw the above ciphers are available (checked in IIS crypto) to be enabled.
So the question is :
1) Is there any way or patch available for windows 2012r2 which can be installed so that we can have these ciphers available in the server to be enabled/disabled.
2) Are these ciphers weak/vulnerable?
N.B : Both the servers (2012r2 and 2016) do not have IIS installed.
Please let me know if any further information is required from my end.
Thanks
Himanshu
Himanshu Bal
