如何禁用在Azure上的Web角色RC4密码 [英] How to disable RC4 cipher on Azure Web Roles
问题描述
我有一个在微软的Azure网络角色托管的Web应用程序。
如何禁用RC4密码?
I have a web application that is hosted on Microsoft Azure Web-Role. How can I disable RC4 cipher?
推荐答案
我遇到使用PowerShell脚本是那些需要修改的键包含一个正斜杠和PowerShell会将其视为一个路径分隔符和脚本失败。问题
The problem I encountered using a Powershell script was that the keys that require modifying contain a forward slash and Powershell treats this as a path separator and the script fails.
该解决方案是创建一个控制台应用程序,并设置运行在启动:
The solution was to create a console application and set that to run at start up:
class Program
{
static void Main(string[] args)
{
string[] subKeys = new string[]
{
"RC4 40/128",
"RC4 56/128",
"RC4 64/128",
"RC4 128/128",
};
RegistryKey parentKey = Registry.LocalMachine.OpenSubKey(
@"SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers", true);
foreach (string keyName in subKeys)
{
var newKey = parentKey.CreateSubKey(keyName);
newKey.SetValue("Enabled", 0);
newKey.Close();
}
parentKey.Close();
}
}
输出文件(DisableRc4.exe在我的情况)复制到webrole的根源并设置为复制始终的
创建一个文件包含DisableRc4.cmd
Create a file DisableRc4.cmd containing
.\DisableRc4.exe
EXIT /B 0
你的Web角色更新ServiceDefinition.csdef中如下:
Update ServiceDefinition.csdef for your web role as follows
<Startup>
<Task commandLine="DisableRc4.cmd" executionContext="elevated" taskType="simple" />
</Startup>
我验证使用辗转RC4支持 https://www.ssllabs.com/ssltest/index html的
在启动修改
Before startup modified
在
After
这篇关于如何禁用在Azure上的Web角色RC4密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!