So I ran into a Windows 2008 server that I need to achieve PCI compliance on. To do this SSL 3.0 / TLS 1.0 must be disabled due to the vulnerabilities in these protocols.
The most current info I found was from 2011 and it states that Server 2008 does not support beyond TLS 1.0. Has anything changed since then? I could not find more updated information but I find it hard to believe that Server 2008 is now useless for hosting secure transactions.
http://blogs.msdn.com/b/kaushal/archive/2011/10/02/10218922.aspx
The most current info I found was from 2011 and it states that Server 2008 does not support beyond TLS 1.0. Has anything changed since then? I could not find more updated information but I find it hard to believe that Server 2008 is now useless for hosting secure transactions.
http://blogs.msdn.com/b/kaushal/archive/2011/10/02/10218922.aspx