We tested the application for PCI Compliance and ended up with an error stating that
**SSL Medium Strength Cipher Suites Supported**
And the solution for this is given as
Reconfigure the affected application if possible to avoid use of medium strength ciphers
Can anyone help me how to implement in windows server 2003 using IIS 6.0
Go to the following location from registry.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\
You will see a list of cipher key size.
Add a new DWORD key name 'Enabled' with value '0' to the cipher key with the size less than '128'.
Hope this help.
Myo Zaw.