When running an SSLLABS SSL Server Test against a site that is published on TMG you may get the following error “Insecure Client-initiated Renegotiation – Supported INSECURE”
To resolve this error on TMG do the following:
- Ensure KB980346 is installed on your TMG server
- If not install it via Windows Update
- You can disable Insecure Renegotiation by adjusting the following registry key
- Navigate to “HKEY_LOCAL_MACHINESystemCurrentControlSetControlSecurityProvidersSCHANNEL” in REGEDIT
- Create the following DWORD “AllowInsecureRenegoClients” with a value of 0
- Restart server
Now if you run the SSLLABS check all is good J