We are disabling TLS 1.0 and TLS 1.1 in three months’ time

Reading Time: < 1 minute

Windows Server 2008 R2

Today marks the end of support for Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 from Microsoft.

From a website perspective, these Operating Systems were the last Operating Systems not supporting TLS 1.2 out of the box.

We regularly see visits from these Operating System and recognize the value we have to Active Directory administrators on these Operating Systems when they encounter issues that may block their project progress.

We do not judge or condone the use of Windows Server 2008 and Windows Server 2008 R2 beyond Microsoft’s support lifecycle period, but we do value the security of our website and the information people exchange with us.

Therefore, we are moving to a configuration that is common for all Microsoft-supported Operating Systems and major browsers. This means we’ll be making the following changes on April 14th, 2020:

  • We will disable TLS 1.0
  • We will disable TLS 1.1
  • We will disable the following weak cipher suites:
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    • TLS_RSA_WITH_AES_256_GCM_SHA384
    • TLS_RSA_WITH_AES_128_GCM_SHA256
    • TLS_RSA_WITH_AES_256_CBC_SHA256
    • TLS_RSA_WITH_AES_128_CBC_SHA256
    • TLS_RSA_WITH_AES_256_CBC_SHA
    • TLS_RSA_WITH_AES_128_CBC_SHA
    • TLS_RSA_WITH_3DES_EDE_CBC_SHA

 

However, if an information security situation emerges that urges us to remove the above protocols before the aforementioned date, we will make these changes at an earlier date.

Thank you,

DirTeam CTO

Author: Sander Berkouwer

Sander Berkouwer is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.