This is from Microsoft:

Windows Server 2008 R2 ships with a 64-bit SKU only; no 32-bit SKU is available for the server version of the operating system. However, a 32-bit SKU continues to be available for the Windows 7 client.

https://msdn.microsoft.com/en-us/library/windows/desktop/dd371688(v=vs.85).aspx

So bdf2723, from your most recent two posts, are you saying that I should have added that second key in the registry, even though I didn't find any of the sub-keys in it?  I used the "Easy Fix" tool from this MS article:  https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-s... which added the first key, but with an a00 value, which I then went in and edited to 800.

I'm not too experienced editing the Registry (okay, never until today), so I'm a bit hesitant to do it when I'm not sure what I'm doing.

I just checked a couple of different 2008r2 servers that I have and they all have the Wow6432Node key.  It should be the last key under SOFTWARE. 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\

EIther I looked in the wrong place this afternoon, or the "Easy Fix" that I had downloaded went in and added the Wow6432Node key and the proper sub-keys, because after reading your earlier post and posting my response, I decided to go in and try to add in the key, and as you said most recently, this time I found it.  It was in there, set to a00 (which is why I think the Easy Fix probably added it).  So I changed it to 0800 and was pretty sure that would not make any difference, but it did.  I am now fixed.

Thank you everyone, especially you bdf2723, for your help.  I can't tell you how relieved I am. 

Tom

Glad you got it.

I truely understand the pucker factor when your shopping cart is broke.

Test your SSL Certificate here:

https://www.ssllabs.com/ssltest/

And your browser here:

https://www.ssllabs.com/ssltest/viewMyClient.html

cynshop - What fixed your issue? Down day 3 now, with 2 server techs, 2 IT's and 2 web developers trying to crack our issue! HELP!

I am using Classic ASP on a Windows Server 2008 R2 Standard 64-bit with SQL Server 2012

I use the following code to post a transaction to Authorize.net (which quit working after 14 years on Feb 28!)

set oHttp = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")

oHttp.Open "POST", "https://secure2.authorize.net/gateway/transact.dll?" & sPostData, false

oHttp.Send ""

sPaymentStatus=oHttp.Status

sPaymentRetval = oHttp.ResponseText

It is now working finally. 

I don’t know if “secure2” (in https://secure2.authorize.net/gateway/transact.dll... it used to just be secure) makes a difference.  It was something an authorize.net rep suggested early in the process but it didn’t solve anything at the time.  I haven’t tried without it.

I also installed .NET 4.6.1 but I don’t know if that was part of the solution.

The following pages on my site show my current security settings after all the changes:

https://www.ssllabs.com/ssltest/analyze.html?d=www.real-estate-agent-lists.com

http://www.real-estate-agent-lists.com/testssl.asp

As best as I can recall with assistance from my host technical support these were the steps:

1. Disable all security settings except TLS 1.2 in the Registry as described earlier in this thread.

There is a key for each protocol located here

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\

The process is described at https://tecadmin.net/enable-tls-on-windows-server-and-iis/

 2. This broke SQL Server connection for me because apparently SQL Server 2012 requires TLS 1.0 or SSL 3.0. This was going to be a big problem but I found a solution here:

https://blogs.sentryone.com/aaronbertrand/tls-1-2-support-read-first/

which has patches that gives SQL Server 2012 TLS 1.2 support.

This however required a change to my connection string in Classic ASP because SQLOLEDB has been deprecated and doesn’t support TLS 1.2!

To fix this problem required installation of SQL Net Client on the server (ODBC may work also) and the following code change to the connection string.  The key changes are “provider” is now SQLNCCLI11 and the end of the connection string is  “Trusted_Connection=No;DataTypeCompatibility=80”  No idea what that does but I saw it somewhere and it works!

sqlConn=”PROVIDER=SQLNCLI11;SERVER=server;DATABASE=dbname;UID=username;pwd=password;Trusted_Connection=No;DataTypeCompatibility=80"

 3. The TLS 1.2 registry change also broke my RDP connection from my Windows 7 (64-bit) computer at home.

I had to install

https://support.microsoft.com/en-us/help/3080079/update-to-add-rds-support-for-tls-1-1-and-tls-1-2-i...

which gave TLS 1.2 support to my RDP client I think.  It now works.

 4. Finally after all that, my authorize.net MSXML2.ServerXMLHTTP.6.0 post still didn’t work. The final change which was recommended earlier in this thread did the trick… Add a DWORD “DefaultSecureProtocols” value of 800 to the following Registry entries.  Actually I think you only have to do the first one for 32-bit and the second for 64-bit but I did both.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings