We have an ASP .NET website on IIS 10 on Windows Server 2016. An SSL test reported that the ECDH public parameters are being re-used, which present a security risk. We found one methods is a registry setting as per thesesources, but its not working even after a restart. The issue is not reproducible on Windows Server 2022 and above. Key: HKLM\System\CurrentControlSet\Control\SecurityProviders\Schannel\KeyExchangeAlgorithms\ECDH Value: EphemKeyReuseTime Type: DWORD Data : 0 We also tried the b...
