AnsweredAssumed Answered

how to disable TLS_RSA_WITH_AES in windows

Question asked by Bart Kock on Feb 26, 2019
Latest reply on Feb 28, 2019 by Bart Kock

I'm trying to fix my Cipher suite validation on:
SSL Server Test (Powered by Qualys SSL Labs) 

the validation says that the following ciphers ar weak:

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)   WEAK     256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)   WEAK     128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)   WEAK     256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)   WEAK     128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK     256
so I disabled the with IISCrypto, Still have to investigate how this works in regedit.
but when I disable those cipher suites. and only those, my grade changes from an A+ to a B

because: "This server does not support Authenticated encryption (AEAD) cipher suites. Grade capped to B."


however I never touched AEAD, what am I doing wrong?