I uploaded a new version of "Harden SSL/TLS"

Changes

  • Added Windows 8 support
  • Added Windows Server 2012 support
  • Resolved an issue around P521 additions

About Harden SSL/TLS 

Harden SSL/TLS” allows to configure and harden the SSL/TLS settings of Windows System, ranging from Windows XP to Windows 8 and from Windows 2003 to Windows Server 2012.

Harden TLS allows to remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites.

The foundation of this tool was the investigation and reverse engineering of the ciphers provided by the various SCHANNEL versions by G-SEC and presented in the paper “SSL/TLS Compatibility Report”.

This tool specific allows setting policies with regards to what ciphers and protocols are available to applications that use SCHANNEL crypto interface. A lot of windows applications do use this interface, for instance Internet Explorer and Apple Safari are a few of these.





By changing the settings you can indirectly control what ciphers these applications are allowed to use. This tool works for all and every application that uses Microsoft CSCHANNEL whether they are client or server applications - as example: IIS, SQL Server, Internet Explorer, Safari.

Harden SSL / TLS 

Download


Documentation



8 comments

Mindfart said... @ 26 June, 2013 17:29

Chrome deams the zip file unsafe.

Anonymous said... @ 26 June, 2013 19:34

The PDF file on your site is corrupt (Foxit reader message)

thierryzoller said... @ 26 June, 2013 20:16

Thanks for the note - false positive

Nick Dominguez said... @ 31 October, 2013 19:57

Where does the program get the "Ciphersuite Priority List" from? Mine is missing some Ciphersuites that should be there. Namely, any of the TLS RC4 Suites.

thierryzoller said... @ 02 November, 2013 15:07

Hello Nick,
Thanks for your comments, can you sent me further information at thierry@zoller.lu ?

Ratko Stibric said... @ 12 March, 2014 22:36

Hi,

The tools does not show anything on Windows 2012 R2 Server, can you check please?

Thanks,

Ratko

Angel said... @ 13 June, 2014 13:19

True. The tool does not work on Windows Server 2012 R2. Confirmed it does NOT show anything.

Alex Lewis said... @ 09 February, 2015 18:25

do you have plans to expand support to include 2012 R2 and Windows 8.1?

Post a Comment