如何在 Azure Web 角色上禁用 RC4 密码 [英] How to disable RC4 cipher on Azure Web Roles
问题描述
我有一个托管在 Microsoft Azure Web-Role 上的 Web 应用程序.如何禁用 RC4 密码?
I have a web application that is hosted on Microsoft Azure Web-Role. How can I disable RC4 cipher?
推荐答案
我在使用 Powershell 脚本时遇到的问题是需要修改的键包含正斜杠,而 Powershell 将其视为路径分隔符,脚本失败.
The problem I encountered using a Powershell script was that the keys that require modifying contain a forward slash and Powershell treats this as a path separator and the script fails.
解决方案是创建一个控制台应用程序并将其设置为在启动时运行:
The solution was to create a console application and set that to run at start up:
class Program
{
static void Main(string[] args)
{
string[] subKeys = new string[]
{
"RC4 40/128",
"RC4 56/128",
"RC4 64/128",
"RC4 128/128",
};
RegistryKey parentKey = Registry.LocalMachine.OpenSubKey(
@"SYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphers", true);
foreach (string keyName in subKeys)
{
var newKey = parentKey.CreateSubKey(keyName);
newKey.SetValue("Enabled", 0);
newKey.Close();
}
parentKey.Close();
}
}
将输出文件(在我的情况下为 DisableRc4.exe)复制到 webrole 的根目录并设置为 始终复制
Copy the output file (DisableRc4.exe in my case) to the root of the webrole and set to Copy Always
创建一个包含 DisableRc4.cmd 的文件
Create a file DisableRc4.cmd containing
.DisableRc4.exe
EXIT /B 0
为您的 Web 角色更新 ServiceDefinition.csdef,如下所示
Update ServiceDefinition.csdef for your web role as follows
<Startup>
<Task commandLine="DisableRc4.cmd" executionContext="elevated" taskType="simple" />
</Startup>
我使用 https://www.ssllabs.com/ssltest/验证已删除 RC4 支持index.html
启动前修改
之后
这篇关于如何在 Azure Web 角色上禁用 RC4 密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!