Fix Chrome notification about obsolete encryption in IIS8.5 and SQL Server 2012

Question

I am trying to configure IIS 8.5 on Windows 2012 R2 so that I do not get the notification from Chrome that the website is using obsolete cryptography. The image below is from Mac OS X , but I get a similar message in Windows 8.1 where the encryption algorithm is AES_256_CBC using a SHA1 hash and key exchange is ECDHE_RSA. The problem is the SHA1 message hashing. Google is trying to get websites to use SHA2 message hashing. On the Mac the algorithm used is SHA256 for hash signing but the problem here is the GCM modifier on AES encryption.

I have a new certificate that is 2048-bit RSA certificate supporting SHA256 message hashing.

I have used the NARTAC IIS Crypto tool to configure the IIS server. The Protocols Enabled are TLS 1.0, TLS 1.1 and TLS 1.2 The Ciphers Enabled are TripleDES 168, AES 12/128 and AES 256/256. The Hashes Enabled are SHA, SHA256, SHA384 and SHA512. The Key Exchanges Enabled are Diffie-Hellman, PKCS and ECDH. The SSL Cipher Suites Order for enabled suites are:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521 (it really is this way in the latest tool) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_RSA_WITH_AES_256_GCM_SHA384

TLS_RSA_WITH_AES_128_GCM_SHA256

I have tried a large number of variations of this configuration, but none have resulted in a working site with the notification from Chrome gone. If I remove the AES 128/128 from the Ciphers Enabled it appears to have no impact. If I remove SHA from the Hashes Enabled then the website is unable to communicate with the SQL Server 2012 that provides data services to the website. If I remove the SHA1 based SSL Cipher Suites from the supported order then the browser is unable to connect to the server.

Has anyone got a working configuration of Windows IIS 8.5 with SQL Server, where the Chrome notification is gone?

Answer 1

Windows Server 2012 does not appear to provide the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite needed to get rid of this error. See https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx for links to pages which list the cipher suites for the various versions of Server. You will note that Windows Server 2012 does have this cipher suite and I found that upgrading to 2016 was the best way for me to resolve the Google error. Please note that if you upgrade to Windows Server 2016 you will again need to use your IIS_Crypto 2.0 program to order the ciphers appropriately (or whatever ordering interface you choose). Using the Best Practices template will get you there. I chose their cipher order which yields TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 at the top of the list.

Answer 2

Either put TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 on top of the list or don't let the server override the cipher order presented by the client (which puts the preferred ciphers on top). I don't know if there is an option for this.

For more background about the issue see https://security.stackexchange.com/questions/85532/chrome-showing-cryptography-as-obsolete/85544#85544