I guess there are some advantages to running on Azure websites. I ran that ssllabs.com test against a client website that I wrote a year or so ago and got an A. No actions taken on my part (apart from setting up the Azure website to use the certificate). Nice to test it and know though. Thanks for the url.
On Wed, 4 Nov 2015 at 13:20 Grant Maw <[email protected]> wrote: > For those interested, I've run that script on my Windows 2008 R2 box, it > worked without a hitch and took me from an F to a C. I then manually added > TLS 1.2, rebooted and now I am at a B. A few more bits to do and we'll get > an A. > > [image: Inline images 1] > > On 4 November 2015 at 12:45, Paul Glavich <[email protected]> > wrote: > >> I have run that script on our staging and production servers. Works well. >> >> >> >> Take a registry backup prior. Run it. If issues, then restore. >> >> >> >> >> >> - Glav >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Greg Keogh >> *Sent:* Tuesday, 3 November 2015 12:00 PM >> *To:* ozDotNet <[email protected]> >> *Subject:* Re: [OT] SSL testing >> >> >> >> *"An F grade is unacceptably bad, definitely something he needs to get >> sorted. Hold the web developer / company accountable for that."* >> >> >> >> I could barely sleep last night knowing that I'd flunked with an F. The >> trouble is, I don't know who to blame (I am the *developer* and the >> *company*!!). My web server is a pretty vanilla Win2008R2 install and I >> got the cert from Comodo 6 months ago. I sort of expected that regular >> Windows Updates would be fixing this sort of thing, or perhaps I'd get some >> sort of security alert somehow. Why are out-of-the-box servers falling >> behind best security practises? >> >> >> >> I want my server to get an A, but the script I mentioned before worries >> me and I'd prefer some specific and trustworthy instructions from somewhere >> like TechNet, a KB or MSDN to tell me exactly what to do. >> >> >> >> *Greg K* >> > >
