When Chrome displays "Your connection is encrypted with obsolete cryptography," it's specifically flagging the RSA key exchange mechanism. This happens because:
- RSA key exchange doesn't provide forward secrecy (PFS)
- Modern security standards prefer ephemeral key exchanges (DHE/ECDHE)
- Major browsers now deprecate static RSA key exchanges
To implement modern key exchange on Windows Server 2012 (IIS 8), you'll need to modify both registry settings and SSL bindings:
Step 1: Update SCHANNEL Protocols
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms]
"Diffie-Hellman"=dword:ffffffff
"ECDH"=dword:ffffffff
"PKCS"=dword:ffffffffStep 2: Prioritize Cipher Suites
$cipherOrder = @(
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'
-Name 'Functions' -Value ($cipherOrder -join ',')After making these changes, restart IIS and verify using:
nmap --script ssl-enum-ciphers -p 443 yourdomain.comOr with OpenSSL:
openssl s_client -connect yourdomain.com:443 -cipher ECDHE-RSA-AES256-GCM-SHA384While DHE/ECDHE improves security, there are tradeoffs:
| Algorithm | Security | CPU Overhead |
|---|---|---|
| RSA | No PFS | Lowest |
| DHE_RSA | PFS | High (2048-bit) |
| ECDHE_RSA | PFS | Medium (P-256) |
- If clients fail to connect, check if they support ECDHE ciphers
- For legacy support, you might need hybrid configurations:
$hybridOrder = @(
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_GCM_SHA384"
)When Chrome displays "Your connection to this website is encrypted with obsolete cryptography," it's specifically flagging your use of RSA key exchange. Modern browsers now prefer forward-secret key exchange algorithms like DHE_RSA or ECDHE_RSA.
IIS 8 on Windows Server 2012 defaults to RSA key exchange for backward compatibility. Here's how the key exchange mechanisms compare:
// Sample cipher suite comparison
RSA: No forward secrecy, vulnerable to key compromise
DHE_RSA: Provides forward secrecy (ephemeral Diffie-Hellman)
ECDHE_RSA: Stronger forward secrecy with elliptic curve cryptography
First, check your current SSL configuration:
netsh http show sslcert
To implement DHE_RSA or ECDHE_RSA, we'll use Windows PowerShell:
# Disable weak cipher suites first
Disable-TlsCipherSuite -Name "TLS_RSA_WITH_AES_256_CBC_SHA256"
Disable-TlsCipherSuite -Name "TLS_RSA_WITH_AES_128_CBC_SHA256"
# Enable modern cipher suites
Enable-TlsCipherSuite -Name "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
Enable-TlsCipherSuite -Name "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
Enable-TlsCipherSuite -Name "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
In IIS Manager:
- Open "Server Certificates" feature
- Select your certificate and view "Edit Feature Settings"
- Check "Require Server Name Indication"
- Set "SSL Settings" to "Accept" or "Require"
Use OpenSSL to test:
openssl s_client -connect yourdomain.com:443 -cipher "ECDHE"
Or use this PowerShell command to verify enabled cipher suites:
Get-TlsCipherSuite | Format-Table Name, Certificate
- Older clients (Windows XP, Android 4.x) may lose connectivity
- Ensure your SSL certificate uses SHA-256 or stronger
- Reboot the server after making changes
While ECDHE_RSA is more secure, it has slightly higher CPU overhead than RSA. Benchmark with:
# Measure TLS handshake performance
New-WebServiceProxy -Uri https://yoursite.com | Measure-Command { $_.Ping() }