How to Pass PCI – Disable TLS 1.0, SSL 2.0, SSL 3.0

If you are trying to pass PCI Compliance, the security scan may complain your Windows 2008 Server R2 having TLS 1.0, or SSL 2.0 or SSL 3.0 enabled.

1. VERY IMPORTANT: Install this optional update or you won’t be able to remote desktop to the server after you disable TLS 1.0


2. You might need to add TLS 1.2 support for your SQL Server.


3. Useful Tool

Use the following to disable TLS 1.0 and other weak cipher suites.

4. FTP Server

I had to apply the follow fix in order for the FTP upload continues to work.  Otherwise, a FTP client, such as Filezilla, reports an error “550 The supplied message is in incomplete.  The signature was not verified”.  The FTP client keeps on repeating the upload of the same file again and again.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s