I am looking for someone who knows Windows Server 2012 R2 Standard TLS/SSL security like the back of their hand.
We have one server which is failing the PCI scan on ports 25, 465, 993 and 995 due to TLS 1.0 supported. I have made all of the suggested registry changes that have worked on our other servers, but it still shows TLS 1.0 active. Then I found that HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy was enabled. Upon disabling that, it looks like TLS 1.0 is no longer active, but nor are 1.1 or 1.2. And once that is inactivated, our mail is not going out our SMTP service provided by MailEnable.
I need someone with excellent written AND spoken English who will work with me in a joint session during non-US business hours (evening preferred) who is 100% confident that they can address this quickly and easily. I have spent countless hours and months on and off trying to resolve this.
I currently work at a credit union as my day job and just went though something very similar the past couple of weeks. We are passing our PCI scans now with flying colors thanks to the work I did to remediate the issue.
I would suspect that we could get this fixed in under an hour. Also have no problem working on this after hours, even in the middle of the night or on the weekend. Sounds like you will want to make this change when you have an approved maintenance window. So short story is when you tell me we can work on it together, I will be there when you hire me.
Also, I know I have no track record yet on freelancer but just take a look at my experience and you will see clearly that I can get this done for you quickly and successfully.
Let me know if you any questions and look forward to working with you.
Thanks!
$105 USD in 1 day
5.0 (3 reviews)
3.9
3.9
5 freelancers are bidding on average $130 USD for this job
Hello. I carefully studied your project. The task is very interesting. Theoretically, I think, when editing the register should work, if not, there is a nuance. I did not do this before (I'll mean TLS 1.0 to TLS 1.2), but I'm ready to do it. I have my own server, where I can conduct testing for you, and then transfer the result to your server. I have a bad English speaking, preferably chatting. Thank you
My skills
Linux Servers/5 years
Computer Security/5 years
Postfix/4 years
Apache/5 years
Nginx/3 years
Mysql/3 years
Joomla/3 years
Wordpress/2 years
Seo/2 years
Windows Servers/5 years
Powershell/3 years
Office 365/3 years
Microsoft Exchange Server/4 years
Network Administration/5 years
Hello. I am administrator with more than 10 years experience. We can try resolve your issue. All your mentioned ports are used by mail server. Unfortunately you'll never get pci compliance because you need leave port 25 allowing unencrypted communications which actually non-pci compliant. So solution for you is either using smart host for emails or moving email server to different IP.
Hi there! I'd be delighted to get this sorted for you... I can chat on a couple of hours, and could potentially get started on this tonight. Plenty of experience with PCI DSS compliance.
Relevant Skills and Experience
Very familiar with PCI DSS, and have resolved similar issues on a number of Windows based web servers.
I resolved a very similar issue for another client last month, check my reviews for that one!