[NTSysADM] RE: Disable TLS 1.0 on ADFS 3.0

2017-01-13 Thread Melvin Backus
+1

We just went through a security audit and this helped clean up a lot of things 
very quickly.  We could have done them other ways, but this was quick and easy.

--
There are 10 kinds of people in the world...
 those who understand binary and those who don't.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Tim Williams
Sent: Friday, January 13, 2017 12:14 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Disable TLS 1.0 on ADFS 3.0

I would suggest using the Nartac IIS Crypto software to manage the protocols.
I love this tool.

https://www.nartac.com/Products/IISCrypto



From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Christopher Bodnar
Sent: Friday, January 13, 2017 11:37 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Disable TLS 1.0 on ADFS 3.0

Can anyone point me to some documentation that discusses this? I’ve tested our 
ADFS site with the online Qualys tool:

https://www.ssllabs.com/ssltest/index.html

And it comes back stating that TLS 1.0 is enabled:


With ADFS 3.0 using HTTP.sys instead of IIS, I’m not sure where that is 
configured. Can’t find any references to this.

Thank you,


Christopher Bodnar
Enterprise Architect II, Corporate Office of Technology:Enterprise Architecture 
and Engineering Services

Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com


The Guardian Life Insurance Company of America

www.guardianlife.com






[NTSysADM] RE: Disable TLS 1.0 on ADFS 3.0

2017-01-13 Thread Tim Williams
I would suggest using the Nartac IIS Crypto software to manage the protocols.
I love this tool.

https://www.nartac.com/Products/IISCrypto





[NTSysADM] RE: Disable TLS 1.0 on ADFS 3.0

2017-01-13 Thread Joseph L. Casale
HTTP.sys uses the schannel security support provider, try this link:

https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS10

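
The Schannel protocol setting that the TechNet link above documents, shown as an added PowerShell example that is not part of the original thread: it reports the server-side TLS protocol values HTTP.sys (and therefore ADFS 3.0) inherits from Schannel and, only when asked, disables TLS 1.0. The `-Apply` switch and the function names are chosen for this example; the registry path and the `Enabled` / `DisabledByDefault` values are the standard Schannel ones.

```powershell
# Added example (not from the thread). Run elevated on each AD FS server.
# Without -Apply the script only reports; -Apply is a name chosen for this example.
param([switch]$Apply)

$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelServerState {
    param([Parameter(Mandatory)][string]$Protocol)
    $key = Join-Path $base "$Protocol\Server"
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Protocol          = $Protocol
        # $null means the value is absent and the OS default applies
        Enabled           = if ($p) { $p.Enabled } else { $null }
        DisabledByDefault = if ($p) { $p.DisabledByDefault } else { $null }
    }
}

function Disable-SchannelServerProtocol {
    param([Parameter(Mandatory)][string]$Protocol)
    $key = Join-Path $base "$Protocol\Server"
    # Create the key only if missing so existing values are not wiped
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    New-ItemProperty -Path $key -Name Enabled -PropertyType DWord -Value 0 -Force | Out-Null
    New-ItemProperty -Path $key -Name DisabledByDefault -PropertyType DWord -Value 1 -Force | Out-Null
}

# Audit: show what is configured for each protocol on the server side
$state = 'TLS 1.0', 'TLS 1.1', 'TLS 1.2' | ForEach-Object { Get-SchannelServerState $_ }
$state | Format-Table -AutoSize

# Guard: never remove TLS 1.0 while TLS 1.2 is explicitly switched off
$tls12 = $state | Where-Object { $_.Protocol -eq 'TLS 1.2' }
if ($tls12.Enabled -eq 0) {
    throw 'TLS 1.2 (Server) is explicitly disabled; enable it before disabling TLS 1.0.'
}

if ($Apply) {
    Disable-SchannelServerProtocol -Protocol 'TLS 1.0'
    Get-SchannelServerState 'TLS 1.0' | Format-Table -AutoSize
    Write-Warning 'Schannel reads these values at startup: reboot, then re-run the SSL Labs test.'
}
```

The sibling `Client` subkey governs outbound connections the server itself makes and is left untouched here.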