Windows web servers should be configured to use secure communication protocols
Lakshmi Narayanan
71
Reputation points
HI,
I have one Windows 2016 prod server on Azure Cloud. As per Advisor services, its recommend to clear this High Severity - Windows web servers should be configured to use secure communication protocols.
I have configured all the things which Azure were mentioned in remediation steps.
To ensure your windows web server is using secure communication protocol:
- Enable TLS on your machine. For Windows Server 2008 R2, Windows Server 2012, or Windows 7, install the update at https://support.microsoft.com/help/3140245. For Windows 2012 R2 Server or later, no updates are necessary as TLS
- 2 is enabled by default.
- Update the Windows and WinHTTP registry keys (or verify that they're correct) according to the information here: https://learn.microsoft.com/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_winhttp.
- Ensure you're running .NET
- 6.2 or later and that the necessary .NET registry keys are set according to the information here: https://learn.microsoft.com/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_net
After i configured above steps, this High severity disappeared. But its again appearing since one week. Where i'm wrong? Can i exempt this severity? Can any one please advice on this?
Sign in to answer