Windows Server 2008, an operating system that can now be described as obsolete, is still present in companies. Not the R2 version released in 2009 but the initial edition of early 2008, following WS 2003 R2. Ten years later, its support is no longer provided by Microsoft, but if it is still used as a production server, its protection must still be provided.
Typical encryption security features SSL and TLS must therefore be upgraded to protect machines that host websites IIS of Exchange messaging….
Fortunately, if the support is still finished, it is still possible to add support for the latest encryption. Indeed, Microsoft delivers a patch to provide support for TLS 1.1 and 1.2 to Windows Server 2008 SP2 of ten years of age. Note: this fix is free, the only requirement is to have Service Pack 2 installed and of course to have a certificate SSL TLS compatible with this version.
Obviously, the most secure will be to update theOS from the server to Windows Server 2016, which has the longest current maintenance life cycle in terms of both security and functionality.
Windows Server 2008: activate TLS 1.1 and TLS 1.2
To read: Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2
Download the KB401927676 (windows6.0-kb4019276-x64 or windows6.0-kb4019276-x86)