SSL_CK_RC4_128_WITH_MD5 Only used when application explicitly requests. TLS_RSA_WITH_NULL_SHA Only used when application explicitly requests. TLS_RSA_WITH_NULL_SHA256 Only used when application explicitly requests. The following cipher suites are enabled and in this priority order by default by the Microsoft Schannel Provider: Cipher suite string Windows 8.1 and Windows Server 2012 R2 are updated by Windows Update by the update 2919355 applied which adds the new cipher suites and changes the priority order. To find out which combinations of elliptic curves and cipher suites will be enabled in FIPS mode, see section 3.3.1 of Guidelines for the Selection, Configuration, and Use of TLS Implementations. For example, a cipher suite such as TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is only FIPS-compliant when using NIST elliptic curves.
#Microsoft activesync windows 8.1 64 how to
To ensure your web services function with HTTP/2 clients and browsers, see How to deploy custom cipher suite ordering.įIPS-compliance has become more complex with the addition of elliptic curves making the FIPS mode enabled column in previous versions of this table misleading. HTTP/2 web services fail with non-HTTP/2-compatible cipher suites.