Enable SSLv2Hello on Windows Server 2019

Question

Hello,

I hope you are healthy and well.

My company uses an AS2 EDI service working on HTTP. We're testing this service on HTTPS but we're not being able to complete TLS handshake with one of our customers.

The customer connects to our service through a Windows 2019 WAP Server, and his company requires that we support SSLv2Hello client protocol.

Is there a way to enable this on our Windows Server 2091 WAP server?

I know SSLv2 has poor security and should be disabled but it's either this or plain text HTTP.

Thank you very much.

Kind regards,
GAR

Answer 1

https://learn.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-#pre-tls-standard-protocols-support

Beginning with Windows 10, version 1607 and Windows Server 2016, SSL 2.0 has been removed and is no longer supported.

Answer 2

Hello @Gilberto Ribeiro

SSLv2Hello cannot come alone, it needs another protocol to be allowed (SSLv3, TLS).You can enable them by following this article https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs

Once it is done then you can use the regedit to enable the SSLV2 .

-Go to this entry:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0

-Right-click on the SSL 2.0 folder and select New and then click Key. Name the new folder Server.
-Inside the Server folder, click the Edit menu, select New, and click DWORD (32-bit) Value.
-Enter Enabled as the name and hit Enter.
-Ensure that it shows 0x00000000 (0) under the Data column (it should by default). If it doesn't, right-click and select Modify and enter 0 as the Value data.
-Restart the computer.

Hope this resolves your Query!!

--If the reply is helpful, please Upvote and Accept it as an answer--