How to reconfigure the service to use a unique Diffie-Hellman moduli of 2048 bits or greater

Version 2

    How To:

     

    Ivanti Endpoint Security does not provide option to modify the use of Diffie-Hellman modul, however you can perform this action on your own by following the guide:

     

    Step by Step:

     

    1. You need to have your system updated with KB3174644

    2. Navigate to the following Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SChannel\KeyExchangeAlgorithms

    3 Create a new sub key named Diffie Hellman (if it didn´t already exists)

    4 Inside Diffie Hellman create a new DWORD called "Enabled" with the value 0

    5 Inside Diffie Hellman create a new DWORD called "ServerMinKeyBitLength"=dword:00000800

    6 Reboot the computer