Comments (17) -

By Dom | August 3, 2016 - 08:41

Thanks! you've saved me tons of time with this tool. Greatly appreciated!

By Rob H | August 23, 2016 - 07:58

Kudos for making - and updating - such a fantastic tool! Smile

By Rob | September 20, 2016 - 08:49

Guys,

Does anyone know if this will work on a Server 2008 (non R2) instance?

Thanks

By KAI | October 10, 2016 - 03:07

How it is support TLS1.3 for windows 2012 IIS?

By Blake | November 9, 2016 - 09:46

Great tool very useful.  Using CLI I was able to remove SWEET32 SSL vulnerability from 1300 devices.  

By Sad Pencil | November 12, 2016 - 03:53

Many thanks to this software!

By Tom Jerry | December 21, 2016 - 10:52

Hi,

Due to The SWEET32 Issue, CVE-2016-2183, 3DES cipher should be disabled when Best Practices is used under Cipher Suites.
And thank you for this great software.

By yon | January 31, 2017 - 03:23

when the tool support for IIS10 and TLS1.3 ?

By yon | January 31, 2017 - 03:24

TLS 1.3 now removes obsolete and insecure features from TLS 1.2, including the following:

SHA-1
RC4
DES
3DES
AES-CBC
MD5
Arbitrary Diffie-Hellman groups — CVE-2016-0701
EXPORT-strength ciphers – Responsible for FREAK and LogJam
Three TLS current 1.3 test servers to play with: https://enabled.tls13.com/ , https://www.allizom.org/ and https://tls13.crypto.mozilla.org/.

This streamlining also makes TLS 1.3 much simpler to configure for server operators.

By Sorean | March 5, 2017 - 04:49

IIS Crypto reaches out to mail.nartac.com during SSL removal with TCP connect
It preforms TCP TCPCopy, TCP Send TCP Receive commands. Why is it reaching out  to your servers across the net?

By Jeff | March 5, 2017 - 08:22

Hi,

It reaches out to update.nartac.com which is the same IP address as mail.nartac.com. It does a check for updates. That is the only external server it hits.

- Jeff

By Shane Willoughby | March 6, 2017 - 03:24

Thank you kindly for designing and providing this tool! I don't think it could have been made to work any easier!

By Test | August 10, 2017 - 04:01

what is mean by set client side protocols?

By Datakonsulenten | November 20, 2017 - 11:15

The certificate your exellent software is signed with is out of date.
On systems running strict security (app locker)  - this makes it impossible to start.
Is it possible for you to fix this?
Thanks!

By Anonymous-admin | May 1, 2018 - 02:54

In July 2017, Microsoft released update KB4019276 to add TLS1.1 and TLS1.2 to Server 2008 (Windows 6.00) Service Pack, will there be an updated version of IISCrypto supporting this, or will everybody have to revert back to manual configuration again?

By John | June 12, 2018 - 02:53

I know this question has been asked before but it hasn't been answered.

I am running a website Asp.Net + IIS 8.5.

I have the enable client side protocol set - What does it do, need to keep it set? I have no control over clients (browser)? Do I need to keep it ticked?

By Matt | June 18, 2018 - 09:07

Bug Report

Version: Version 2.0 Build 11, both GUI and CLI
Windows: Server 2016 Datacenter, Azure VM, fully patched (June cumulative).

Crash on launch of GUI, or crash when trying to apply template via CLI.

Errors from Event viewer and CLI
KERNELBASE.DLL and System.InvalidCastException

Add comment