I'm looking for a very specific situation here with this Poodle exploit. I have a need to disable SSL v2/3 on a subset of my IIS websites, but leave SSL 2/3 available on a few others. Is it possible to do this with IIS 7.5?
Asked
Active
Viewed 832 times
1 Answers
2
As far as I'm aware the SSL settings in IIS are system wide. I have spent a lot of time on this and the only references I've found are for schannel and system wide.
I've dealt with this in the past by using an Apache instance as a proxy.
I've set this up either running on a separate VM or running on the same server, depending on the client. Using mod proxy and per-vhost ssl configuration works well.
When using a single host setup, I adjusted the IIS sites to listen on localhost only and the external IP for Apache.
Skyhawk
- 14,230
Tim Brigham
- 15,655