Jump to content

Upgrading IE8 to TLS 1.2

Thomas S.

By Thomas S.
in Windows XP

 Share

Recommended Posts

Vistaboy

Vistaboy

Posted
Posted

It seems that a lot of site gradually can't be open in IE8 also with TLS 1.1/1.2 checked.

Just for testing purpose can someone confirm for example on this?


NojusK

NojusK

Posted
Posted
14 hours ago, Vistaboy said:

It seems that a lot of site gradually can't be open in IE8 also with TLS 1.1/1.2 checked.

Just for testing purpose can someone confirm for example on this?

Well, the site might be using ECC or SNI that XP AFAIK doesn't have, i'm currently not at home so can't confirm it:)

1
Vistaboy

Vistaboy

Posted
Posted

Leaving aside the specific case, this represents a known limit in the workplace today on XP systems. Since MS Office (this is especially true for Excel/Access) interacts online (for example through macros) in IE8 by default, so if the sites that display databases (think to corporate or institutional database) are unreachable due to IE8 failings, it is not possible to work with Excel/Access worksheets who exchange/update data from Internet.

Mathwiz

Mathwiz

Posted
Posted

True. Luckily, ProxHTTPSProxyMII works with Office apps just as it does with "straight" IE8, Chrome, etc.

It's nice that M$ added support for TLS 1.2 (and the AES cipher) while POSReady '09 was in support, but it's just not enough anymore.

1
VistaLover

VistaLover

Posted
Posted
On 7/14/2019 at 10:22 PM, Vistaboy said:

It seems that a lot of site gradually can't be open in IE8 also with TLS 1.1/1.2 checked.

Just for testing purpose, can someone confirm for example on this?

... Just being pedantic here, but usually an SSLlabs Server test will reveal what's really wrong with https://tipsterarea.com/

https://www.ssllabs.com/ssltest/analyze.html?d=tipsterarea.com

... i.e. the server does support old TLS 1.0 protocol (so "TLS 1.1/1.2 checked" is irrelevant here) with 4 cipher suites, 

TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 2048 bits   FS   WEAK 	128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH sect571r1 (eq. 15360 bits RSA)   FS   WEAK 	128
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 2048 bits   FS   WEAK 	256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH sect571r1 (eq. 15360 bits RSA)   FS   WEAK 	256

... 2 of which don't use ECC, but the real breaker here is to be found, as correctly pointed out by previous posters, under the Handshake Simulation section:

IE 8 / XP   No FS   No SNI   Server sent fatal alert: handshake_failure

:P

1
  • 1 year later...
RogerV

RogerV

Posted
Posted

I am a new member  XP SP3

I cannot get IE8 to work with TLS1.2

I followed the suggestions in the post about registry changes and installed KB4316682,  KB4019276

I get the check boxes for TLS1.0  ;   TLS1.1 and TLS1.2 in IE8|Advanced Options  but I still can not open any https websites in IE8

For example I can not open with IE8  https://www.howsmyssl.com

Is this thread still active

Hope someone can help

 

ED_Sln

ED_Sln

Posted
Posted

Now a lot of sites began to switch to new types of encryption, so even if a site with TLS1.2, then it may have encryption, which is not supported in XP. For example, https://www.howsmyssl.com has the following encryption: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, it is not supported in XP.

RogerV

RogerV

Posted
Posted

hi thanks for the quick reply

i have never used a proxy before.

can you guide me through the maze.

i googled  Proxy HTTPS Proxy wheever/ProxHTTPSProxyMII:

i am totally confused by Proxomitron and ProxHTTPSProxy

Is it two products?

how to install?

Thanks much

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...