Today marks the end of support for Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 from Microsoft.
From a website perspective, these Operating Systems were the last Operating Systems not supporting TLS 1.2 out of the box.
We regularly see visits from these Operating System and recognize the value we have to Active Directory administrators on these Operating Systems when they encounter issues that may block their project progress.
We do not judge or condone the use of Windows Server 2008 and Windows Server 2008 R2 beyond Microsoft’s support lifecycle period, but we do value the security of our website and the information people exchange with us.
Therefore, we are moving to a configuration that is common for all Microsoft-supported Operating Systems and major browsers. This means we’ll be making the following changes on April 14th, 2020:
- We will disable TLS 1.0
- We will disable TLS 1.1
- We will disable the following weak cipher suites:
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
However, if an information security situation emerges that urges us to remove the above protocols before the aforementioned date, we will make these changes at an earlier date.
Thank you,