If you have a Microsoft Web Server and you need to disable certain Crypto suites, for example ensure that you are not using SSL 2.0 or 3.0 or DES 56/56! Then IIS Crypto is a great tool for that.
Firstly go to ssllabs and run a scan on your site.
Once you have the results if there are any encryption warnings for your site you can use IIS Crypto to resolve them.
Go to the Nartac web site and download the tool.
There is nothing to install, you just run the exe and will be greeted by this screen.
From here it is a simple checkbox exercise to enable and disable what you need. It also means that rollback is easy if you find that something broke after making changes!
To make life even easier there is a “Best Practice” setting which will disable all “broken” encrytpion methods for you.
After you have made changes just hit apply and that’s it.
You can also scan your site from within this tool. Select “Site Scanner” from the left hand menu and enter your sites URL.
This time the scan should come back with no encrytpion issues.
Till next time.