SSL lab test provides grade B for one of my websites due to AEAD issue. I was wondering how we could enable AEAD support to improve the grading to A.
I am using windows server 2008 R2, TLS1.2 is enabled. I tried IIS Crypto [nartac.com/Products/IISCrypto] and not been able to resolve the issue. "This server does not support Authenticated encryption (AEAD) cipher suites. Grade capped to B. " is the only comment I get from Qualys SSL lab test result.
Best Answer
I've been using IIS Crypto as well and same issue. What I've found, by accident, is you probably need to Apply the Server Defaults with no reboot required. THEN apply the best practices or your configuration settings. After I do that, I'm able to get past the B "cap" for AEAD.