SSL – Using SSLv3 – Enabling Strong Ciphers on Server 2008

Tags: security, ssl, windows-server-2008

I've disabled SSLv2 and SSLv3 is on. However, I cannot connect to a remote server; the connection fails with

The client and server cannot communicate, because they do not possess a common algorithm

I ran an SSL check (http://www.serversniff.net/sslcheck.php) on the remote server and on ours, and noticed that none of the ciphers they accept are enabled on our server. How can this be configured? (Windows Web Server 2008)

Remote Server Accepted SSL ciphers:

DHE-RSA-AES256-SHA
AES256-SHA
EDH-RSA-DES-CBC3-SHA
DES-CBC3-SHA
DHE-RSA-AES128-SHA
AES128-SHA 

Our server by default accepts:

DES-CBC3-SHA
RC4-SHA
RC4-MD5

Best Answer

If you haven't touched the configuration, strong ciphersuites are enabled by default. The list of default ciphersuites in Vista and Server 2008 is on MSDN.

What you listed are not quite ciphersuite names, as they are missing pieces. AES128-SHA is just part of one. A ciphersuite has a few parts: a key exchange algorithm, an encryption/decryption algorithm, and an HMAC algorithm, so the AES128-SHA example is missing the key exchange algorithm. The proper name would be TLS_RSA_WITH_AES_128_CBC_SHA.

I would recommend ssllabs.com for testing publicly reachable web servers.
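The answer above describes how the OpenSSL-style short names from the scanner (AES128-SHA, DHE-RSA-AES256-SHA, ...) map onto the full TLS_<key exchange>_WITH_<cipher>_<MAC> names that Windows/Schannel documentation uses. The following script is an added example, not part of the original question or answer: it decomposes such short names into their three parts, rebuilds the TLS name, and then compares two servers' lists in that normalized form, which is the first check to run when a client reports that it and the server "do not possess a common algorithm". The two suite lists are copied from the question; the parsing tables are a hand-written subset that covers those suites plus the common ECDHE/GCM variants, not a complete OpenSSL name table.

```python
"""Decompose OpenSSL-style ciphersuite names into TLS (IANA) form and
compare two servers' offers.

Added example (not from the original post). The two lists below are
copied from the question; the KX_PREFIXES/CIPHERS/MACS tables are a
small hand-written subset, not an exhaustive OpenSSL name mapping."""

# Key exchange / authentication prefixes. A name with none of these
# uses plain RSA key transport (OpenSSL omits "RSA-" in that case).
KX_PREFIXES = {
    ("ECDHE", "ECDSA"): "ECDHE_ECDSA",
    ("ECDHE", "RSA"): "ECDHE_RSA",
    ("DHE", "RSA"): "DHE_RSA",
    ("EDH", "RSA"): "DHE_RSA",   # EDH is the older OpenSSL spelling of DHE
    ("DHE", "DSS"): "DHE_DSS",
    ("EDH", "DSS"): "DHE_DSS",
}

# Bulk cipher tokens: OpenSSL spelling -> IANA spelling (mode included).
CIPHERS = {
    "AES256": "AES_256_CBC",
    "AES128": "AES_128_CBC",
    "AES256-GCM": "AES_256_GCM",
    "AES128-GCM": "AES_128_GCM",
    "DES-CBC3": "3DES_EDE_CBC",
    "DES-CBC": "DES_CBC",
    "RC4": "RC4_128",
}

# MAC (or, for GCM suites, PRF hash) token; always the last component.
MACS = {"MD5", "SHA", "SHA256", "SHA384"}

# Suite lists as reported by the scanner in the question.
REMOTE_SERVER = [
    "DHE-RSA-AES256-SHA",
    "AES256-SHA",
    "EDH-RSA-DES-CBC3-SHA",
    "DES-CBC3-SHA",
    "DHE-RSA-AES128-SHA",
    "AES128-SHA",
]
OUR_SERVER = ["DES-CBC3-SHA", "RC4-SHA", "RC4-MD5"]


def to_iana_name(openssl_name):
    """Return the TLS_<kx>_WITH_<cipher>_<mac> name for an OpenSSL-style name.

    Raises ValueError for names the tables above do not cover, rather than
    guessing at a suite that may not exist."""
    tokens = openssl_name.strip().upper().split("-")
    if len(tokens) < 2:
        raise ValueError(f"not a ciphersuite name: {openssl_name!r}")

    # Key exchange: explicit two-token prefix, or implicit RSA.
    kx = "RSA"
    if len(tokens) >= 4 and (tokens[0], tokens[1]) in KX_PREFIXES:
        kx = KX_PREFIXES[(tokens[0], tokens[1])]
        tokens = tokens[2:]

    mac = tokens[-1]
    if mac not in MACS:
        raise ValueError(f"unknown MAC {mac!r} in {openssl_name!r}")

    # Everything between the key exchange and the MAC is the bulk cipher,
    # which may itself contain hyphens (DES-CBC3, AES128-GCM).
    cipher_token = "-".join(tokens[:-1])
    if cipher_token not in CIPHERS:
        raise ValueError(f"unknown cipher {cipher_token!r} in {openssl_name!r}")

    return f"TLS_{kx}_WITH_{CIPHERS[cipher_token]}_{mac}"


def common_suites(client_offers, server_offers):
    """Suites both sides support, in IANA form, in the server's order."""
    client = {to_iana_name(n) for n in client_offers}
    return [s for s in (to_iana_name(n) for n in server_offers) if s in client]


if __name__ == "__main__":
    for name in REMOTE_SERVER + OUR_SERVER:
        print(f"{name:24} -> {to_iana_name(name)}")
    print("common:", common_suites(REMOTE_SERVER, OUR_SERVER))
```

Run over the two lists from the question, the comparison reports that the only suite both sides list is TLS_RSA_WITH_3DES_EDE_CBC_SHA (DES-CBC3-SHA in scanner notation); if a handshake still fails with overlap present, the next things to compare are the protocol versions each side allows and the certificate's key type, since a suite is only usable when those match as well.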