Windows 10客户端及Windows server 2016 服务器可以使用powershell 命令获得系统支持的密码套件列表,禁用启用相应的密码套件。
#命令链接:https://technet.microsoft.com/zh-cn/library/dn931990.aspx
#win10 server2016获得系统支持的套件的列表
Get-TlsCipherSuite |ft name #win10 server2016启用密码套件 Enable-TlsCipherSuite -name "" #win10 server2016禁用密码套件 Disable-TlsCipherSuite -name ""
Windows server 2016之前版本微软并没有给出相应的powershell 命令来获取密码套件列表,但在msdn上给出了c++代码
msdn链接:https://msdn.microsoft.com/en-us/library/windows/desktop/bb870930(v=vs.85).aspx
1 #include <stdio.h> 2 #include <windows.h> 3 #include <bcrypt.h> 4 5 6 void main() 7 { 8 9 HRESULT Status = ERROR_SUCCESS; 10 DWORD cbBuffer = 0; 11 PCRYPT_CONTEXT_FUNCTIONS pBuffer = NULL; 12 13 Status = BCryptEnumContextFunctions( 14 CRYPT_LOCAL, 15 L"SSL", 16 NCRYPT_SCHANNEL_INTERFACE, 17 &cbBuffer, 18 &pBuffer); 19 if(FAILED(Status)) 20 { 21 printf_s("\n**** Error 0x%x returned by BCryptEnumContextFunctions\n", Status); 22 goto Cleanup; 23 } 24 25 if(pBuffer == NULL) 26 { 27 printf_s("\n**** Error pBuffer returned from BCryptEnumContextFunctions is null"); 28 goto Cleanup; 29 } 30 31 printf_s("\n\n Listing Cipher Suites "); 32 for(UINT index = 0; index < pBuffer->cFunctions; ++index) 33 { 34 printf_s("\n%S", pBuffer->rgpszFunctions[index]); 35 } 36 37 Cleanup: 38 if (pBuffer != NULL) 39 { 40 BCryptFreeBuffer(pBuffer); 41 } 42 }