2

Title says it all. Is there a registry setting or something that will prevent the Windows built-in libraries: WINHTTP and HTTPAPI to not support SSL3?

jmucchiello
  • 215
  • 1
  • 2
  • 6
  • Yes, I'm well aware that there are programming interfaces to those libraries that allow setting a preference. I'm talking about setting the preference system wide so no program, whether I have source code or do not, can use SSL3 (unless they don't use those APIs, obviously). – jmucchiello Oct 23 '14 at 14:58

1 Answers1

2

Both those APIs use, as far as I know, the SCHANNEL API to provide their SSL functionality. Disable SSL 3.0 in the SCHANNEL configuration and any applications using those APIs shouldn't be able to do SSL 3.0 anymore. (No, I haven't actually tested this-- I'm just going on my memory about those APIs.)

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328