Reputation:
SSL/TLS Issues on IE9
I have an asp.net site on a secured site. It would not allow me to view it. It recommended changing the SSL and TLS settings in the advanced tab of tool options. This worked. Although I don't want a workaround to make the site work as it would be annoying for everyone that goes to the site in IE would have to apply this workaround. Is there something on the server I need to set or in .net?
Thanks.
Upvotes: 0
Views: 253
Answers (1)
Reputation: 32953
Since the POODLE attack SSL 3.0 is considered insecure, and many websites already disabled it.
Now, according to this table on Wikipedia TLS 1.1 and 1.2 are supported in IE9, but disabled by default. The fact that you actually had to enable TLS 1.1 seems to suggest that the website operator also disabled TLS 1.0.
Best remedy is to update that old browser (IE9 is 6.5 years old) or just once fully enable TLS. The only reason they left it disabled as installed is probably just compatibility with some long-forgotten legacy product of them anyways.
Just recently it was discovered that the POODLE can also bite TLS, but SSL Labs already has a test for it so you can quickly verify if your site is immune.
Upvotes: 1
Related Questions
- Windows 7, IE 8, SSL (128bit keys, TLS 1.2): Attempts to download webpage instead of displaying it. Fails horribly
- Site SSL content issue on Firefox and IE
- IE8 SSL Cert Problems while other browsers work like a charm
- SSL: Insecure Content IE
- SSL Domain Name Mismatch (IE9 only)
- debugging IE9 "only display secure content"
- SSL Certificate seen as invalid by older versions of IE
- SEC7111 issue in IE9 complaining about https content
- IIS7 and IE6 ssl issues
- Problem related to https that only exists in IE8 (not any other browsers)